Tricostar Software Ltd

Trusted Knight Agentless End Point Protection

Trusted Knight’s Protector Air is the only unified security solution for websites that combines traditional web security with protection against the growing customer-side threats posed by advanced malware and malicious JavaScript. Protector Air is a cloud-based service specifically designed to be simple to activate with zero customer friction.

Features

  • Protects login pages from credential theft
  • Prevents theft of payment data and transaction hijacking
  • Monitors and blocks malicious third-party JavaScript injected in websites
  • Reports installation metrics and provides fraud intelligence
  • PCI Compliant Web Application Firewall (WAF)

Benefits

  • Stops compromised website visitors from having their sensitive data stolen
  • Reduces brand damage, fraud and operating cost
  • Completely Agentless, easy to install, transparent to users
  • Requires no change to existing infrastructure

Pricing

£185 per unit per month

  • Education pricing available
  • Free trial available

Service documents

G-Cloud 11

653533920208514

Tricostar Software Ltd

James Lawler

01707 827 910

james.lawler@tricostar.com

Service scope

Software add-on or extension: No
Cloud deployment model: Public cloud
Service constraints: Service Availability 99.99%
System requirements: Internet Access

User support

Email or online ticketing support: Email or online ticketing
Support response times:
  Support Availability: 365/24/7
  Standard support response times:
  • Response time for severity 1 (critical) issue: 1 hour
  • Response time for severity 2 (high) issue: 2 hours
  • Response time for severity 3 (medium) issue: 1 business day
  • Response time for severity 4 (normal) issue: 2 business days
User can manage status and priority of support tickets: No
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: No
Onsite support: No
Support levels:
  Support Availability: 365/24/7
  Standard support response times:
  • Response time for severity 1 (critical) issue: 1 hour
  • Response time for severity 2 (high) issue: 2 hours
  • Response time for severity 3 (medium) issue: 1 business day
  • Response time for severity 4 (normal) issue: 2 business days
Support available to third parties: Yes

Onboarding and offboarding

Getting started: A short set-up form is sent to end user via email to initiate provisioning of service. Additionally, a kick-off call can be arranged.
Service documentation: Yes
Documentation formats: PDF
End-of-contract data extraction: A data extraction/removal plan is in place.
End-of-contract process: The service will terminate at the end of the contract term unless the customer renews.

Using the service

Web browser interface: Yes
Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install: No
Designed for use on mobile devices: No
Accessibility standards: None or don’t know
Description of accessibility: N/A
Accessibility testing: This is web security architecture rather than front end facing. Not applicable.
API: No
Customisation available: No

Scaling

Independence of resources: Highly granular by using contextual data and configuration options (policy and other settings). Intelligent handling of traffic to ensure legitimate requests are never blocked.

Analytics

Service usage metrics: Yes
Metrics types: Real-time management information available:
  • Traffic volume
  • Web requests
  • Blocked threats
  • User sessions protected
Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

Supplier type: Reseller providing extra support
Organisation whose services are being resold: Trusted Knight

Staff security

Staff security clearance: Conforms to BS7858:2012
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: EU-US Privacy Shield agreement locations
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: In-house
Protecting data at rest: Physical access control, complying with another standard
Data sanitisation process: No
Equipment disposal approach: A third-party destruction service

Data importing and exporting

Data export approach: A data extraction/removal plan is in place. Details can be provided on request.
Data export formats: CSV
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability: Service availability is 99.99% with support availability 365/24/7 via UK distributors.
Approach to resilience: Our datacentres adhere to the EU code of conduct for energy-efficient datacentres. Further information is available on request.
Outage reporting: Event and Vulnerability Monitoring and Tracking is in place.

Identity and authentication

User authentication needed: Yes
User authentication: Username or password
Access restrictions in management interfaces and support channels: Trusted Knight restricts access to production systems to only operations and support personnel. Development teams have access to development systems. This is enforced through a combination of IP-address-based security group restrictions as well as userid/password and security key access. Controls are tested whenever infrastructure changes that affect the access methods are put in place.
Access restriction testing frequency: Less than once a year
Management access authentication:
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

Access to user activity audit information: Users contact the support team to get audit information
How long user audit data is stored for: At least 12 months
Access to supplier activity audit information: You control when users can access audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: At least 12 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001 QMS
ISO/IEC 27001 accreditation date: 24/04/2019
What the ISO/IEC 27001 doesn’t cover: Nothing
ISO 28000:2007 certification: No
CSA STAR certification: No
PCI certification: Yes
Who accredited the PCI DSS certification: Self-assessed
PCI DSS accreditation date: N/a
What the PCI DSS doesn’t cover: N/a
Other security certifications: Yes
Any other security certifications:
  • Cyber Essentials Certified (Tricostar)
  • We can also supply penetration testers qualified in the following:
      • Offensive Security Certified Professional (OSCP)
      • Certified Ethical Hacker (CEH)
      • EC-Council's Certified Security Analyst (ECSA)
      • Licensed Penetration Tester (Master) Certifications

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: No
Security governance approach: Trusted Knight follows general best practices for cloud-based service providers.
Information security policies and processes: Security policy is jointly managed by the Chief Technology Officer and head of Operations and falls under the Chief Executive Officer. The CTO ensures secure software development practices are part of the software development lifecycle (SDLC), the Operations head ensures the operations and support team are implementing standards and monitoring systems, and the CEO is responsible for overall company policies and security awareness.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Configuration and change management tracking is in place along with change impact assessment.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Trusted Knight performs continuous monitoring of all production systems utilizing cloud service monitoring tools provided by Amazon Web Services, additional monitoring tools from third-parties, and internally-developed monitoring tools and processes. In the event of an incident (e.g. DDoS, or an attempted attack on a customer’s website), Trusted Knight’s operations team will monitor the activity and escalate to the customer according to SLAs that are worked out with the customer.
Protective monitoring type: Undisclosed
Protective monitoring approach: Trusted Knight performs continuous monitoring of all production systems utilizing cloud service monitoring tools provided by Amazon Web Services, additional monitoring tools from third-parties, and internally-developed monitoring tools and processes. In the event of an incident (e.g. DDoS, or an attempted attack on a customer’s website), Trusted Knight’s operations team will monitor the activity and escalate to the customer according to SLAs that are worked out with the customer.
Incident management type: Supplier-defined controls
Incident management approach: In the event of an incident (e.g. DDoS, or an attempted attack on a customer’s website), Trusted Knight’s operations team will monitor the activity and escalate to the customer according to SLAs that are worked out with the customer.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: Yes
Connected networks: Other
Other public sector networks: TBD

Pricing

Price: £185 per unit per month
Discount for educational organisations: Yes
Free trial available: Yes
Description of free trial: We offer a free Proof of Concept with defined success criteria over a period of two weeks (unless otherwise agreed).

Service documents

  • Pricing document (PDF)
  • Service definition document (PDF)
  • Terms and conditions (PDF)