Silverthorn Associates Limited

WARP Virtual Services for individuals and organisations.

1) Virtual warp membership service; weekly threat intelligence via a weekly newsletter. Daily alerts, access to warp portal. Portal provides advice and guidance. £ 800.00 plus VAT per seat.

2) Virtual WARP Operations Service Incident reporting Platform and Cyber Threat Intelligence Platform. £ 1,000.00 plus VAT per seat.

Features

• Cyber threat intelligence
• Information security
• Information assurance
• Risk management

Benefits

• Be informed about current threats
• Access to advice and guidance

£800 to £1,800 a person a year

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Framework

G-Cloud 12

Service ID

230796221185712

Contact

Mark Brett
07720101733
mark.brett@silverthorn.info

Service scope

• Software add-on or extension: No
• Cloud deployment model: Community cloud
• Service constraints: Service is hosted on AWS EU infrastructure. Closed group.
• System requirements:
  • Browser
  • Email
  • Slack (Optional)

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response by email during office ours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Via Slack channel.
• Web chat accessibility testing: None.
• Onsite support: No
• Support levels: As hoc email / telephone support
• Support available to third parties: No

Onboarding and offboarding

• Getting started: After a Purchase Order is processed, Weser you up with you account.
• Service documentation: No
• End-of-contract data extraction: NA this is an Information Service so data extraction does not apply.
• End-of-contract process: No additional cost. We simply delete your account and remove your access.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: No
• API: No
• Customisation available: No

Scaling

• Independence of resources: The AWS Service autoscales.

Analytics

• Service usage metrics: No

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2012
• Government security clearance: Up to Security Clearance (SC)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest: Encryption of all physical media
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: In-house destruction process

Data importing and exporting

• Data export approach: NA
• Data export formats: Other
• Other data export formats: PDF download
• Data import formats: Other
• Other data import formats:
  • Keyboard input
  • Email input

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Subject to normal AWS levels.
• Approach to resilience: We rely on AWS standard services.
• Outage reporting: If unavailable we email our users.

Identity and authentication

• User authentication needed: Yes
• User authentication: Username or password
• Access restrictions in management interfaces and support channels: The system is offered with a user interface that has a separate admin layer.
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Other security certifications: Yes
• Any other security certifications: Cyber Essentials

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: Other
• Other security governance standards: Cyber Essentials
• Information security policies and processes: We have Cyber Essentials.

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: Configuration changes are controlled.
• Vulnerability management type: Undisclosed
• Vulnerability management approach: We regularly scan the AWS Service and monitor the levels.
• Protective monitoring type: Undisclosed
• Protective monitoring approach: We rely on AWS standard controls.
• Incident management type: Undisclosed
• Incident management approach: We have our own IRT.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Pricing

• Price: £800 to £1,800 a person a year
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF