TENIAN Limited


We continuously monitor your organization’s digital shadow, identifying incidents as they occur, delivering relevant alerts and reports by email, through our client portal, and through our API as required. We continue to review and update our setup and configuration with you to understand and mitigate new threats as they emerge.


  • Cyber Threat Intelligence
  • Data Leakage Detection
  • Brand Protection
  • VIP Protection Reports
  • Cyber Situational Awareness
  • Dark Web Scanning
  • Cyber Attack Monitoring and Detection
  • Social Media Monitoring
  • Phishing Detection and Alerting
  • Online Digital Risk


  • Tells you what confidential data is leaking from your organisation
  • Identify threats to your business based on online evidence
  • Identify misuse of Social Media
  • Identify misuse of Brand or Trademarks
  • Provide Cyber Situational Awareness


£4400 to £29200 per unit per month

  • Free trial available

Service documents


G-Cloud 11

Service ID

7 0 9 1 7 0 8 5 4 4 6 0 2 7 4


TENIAN Limited

George Patterson

0845 0519351


Service scope

Service scope
Software add-on or extension No
Cloud deployment model Private cloud
Service constraints UK and US office hours for support.
System requirements System can be accessed via browser

User support

User support
Email or online ticketing support Email or online ticketing
Support response times Questions are responded to during UK and US office hours and are prioritised based on the nature of the enquiry.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support No
Support levels Standard level of support provided at no extra cost, accessible via email and phone 7am - 11pm UK hours. Response time of 30 minutes.
Support available to third parties Yes

Onboarding and offboarding

Onboarding and offboarding
Getting started Online training and client initiation is provided. Clients are walked through the portal and how to input seed data. Clients may call upon their dedicated analyst for support during service hours.
Service documentation No
End-of-contract data extraction Data is automatically purged from the portal and database after a set period. Data is available for download via the portal.
End-of-contract process Service price covers all aspects of the service as described. Service also includes a set number of analyst hours per month for ad-hoc research requests. No additional off-boarding costs.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices No
Service interface No
What users can and can't do using the API Users set up the API by being provisioned a access token which is presented via the RESTful interface. Users make changes by submitting requests and recieving responses. All portal funcitons are available via the API.
API documentation Yes
API documentation formats HTML
API sandbox or test environment No
Customisation available Yes
Description of customisation The service is tailored to each customer via the submitted seed data, via Tag subscriptions, portlet settings and by role.


Independence of resources Service is hosted on Amazon Web Services and Armor Hosting, these are designed to scale horizontally and can grow to accommodate new clients.


Service usage metrics Yes
Metrics types Our analysts track usage metrics and these details are available on request.
Reporting types Reports on request


Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Security Clearance (SC)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • EU-US Privacy Shield agreement locations
User control over data storage and processing locations No
Datacentre security standards Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency At least every 6 months
Penetration testing approach ‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Scale, obfuscating techniques, or data storage sharding
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach All data within the portal is exportable via pdf or csv.
Data export formats
  • CSV
  • Other
Other data export formats PDF
Data import formats
  • CSV
  • Other
Other data import formats
  • Xml
  • Word
  • Html
  • Pdf

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability All issues will receive an initial response within 2 business hours, and we strive to fully answer most general inquiries within the same business day.

Critical issues affecting service availability or overall functionality of the service are dealt with within 6 business hours of being received and acknowledged by the team during business hours.

Digital Shadows shall update the client, every 4 business hours if we are not able to resolve the issue immediately.
Approach to resilience Our service is designed to be resilient - we operate services across several ‘availability zones’ in both AWS and Armor hosted infrastructure. We conduct a full IT Disaster recovery test upon each release of software.
Outage reporting Email alerts then internal monitoring via API and Dashboard. We operate a strict SLA and can provide service credit arrangements. We work in partnership with the clients to ascertain a suitable monitoring regime.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication 2-factor authentication
Access restrictions in management interfaces and support channels We restrict access to all management interfaces and support channels by operating on a wholly private network, which uses mutual certificate authentication in addition to UserID and Pwd. These operate in a segregated network which is limited to small number of users whom possess the ‘roles’ of administrator or manager. Only personnel whom have been trained and on-boarded in this role may conduct this work and receive the appropriate permissions. We have a joiners and leavers process which ensures that all leavers are purged from the system. We regularly review this access.
Access restriction testing frequency At least every 6 months
Management access authentication 2-factor authentication

Audit information for users

Audit information for users
Access to user activity audit information Users have access to real-time audit information
How long user audit data is stored for At least 12 months
Access to supplier activity audit information Users contact the support team to get audit information
How long supplier audit data is stored for At least 12 months
How long system logs are stored for At least 12 months

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications
  • Cyber Essential Plus
  • ISO 27001:2013 Compliant ISMS
  • CSA Compliant Hosting Policy

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified No
Security governance approach We operate a ISMS that fully complies with ISO27001. We have undergone several internal audits and are currently undergoing our external certification. We have been audited by an accredited ISMS auditor.
Information security policies and processes We operate a range of policies that include:
- IT and Network Security Policy
- Password Policy
- Data Disposal and Destruction Policy
- Data Retention Policy
- Incident management plan/policy
- Mobile device security policy
- Business continuity plan
- Asset management policy
- IT disaster Recovery policy
- Document control policy
Our reporting structure is governed by our ISMS Manual, which is adopted and signed off by the executive board. Our companywide information security policy is briefed to all new joiners and included in regular security training.
Users receive regular tests though phishing testing and regular security incident drills which are managed through our incident management process.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We operate a change management system that is managed via Atlassian JIRA. All changes to operational, production or central IT assets must undergo a change process. at the point of each requirement, each change is scheduled and placed through an assurance framework which includes, availability, reliability, resilience, security and data compliance checks.
Vulnerability management type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach We operate a vulnerability management plan which includes asset management to prioritise critical assets, patch management which ensures appropriate patching is applied to those assets then an internal and external vulnerability assessment.
Protective monitoring type Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach Digital Shadows invests in protective monitoring that collects together syslog, netflow and network data across the four company hosting locations. This is aggregated by our monitoring system. We then align monitoring tests which are set up against the information security risk assessment - therefore the rules for alerts into our incident management plan focus on the key risks to our business. This includes monitoring for unauthorised remote access, activity on infected endpoints and forensic examinations should they be required. We have a separate arrangement with an incident readiness provider to submit materials to a court of law.
Incident management type Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach Digital Shadows are members of FIRST, and we operate a blue team who are responsible for the companywide incident management plan. This team consists of incident responders and triage who operate on a rota basis and incident managers whom determine the direction and outcome of investigations. All incidents are logged and triaged to an outcome which is recorded in our ISMS incident register. We use the monitoring systems as a key component and we regularly liaise with other company incident response teams should anyone be effected outside of the company.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No


Price £4400 to £29200 per unit per month
Discount for educational organisations No
Free trial available Yes
Description of free trial 1 month free trial of full service.

Service documents

Return to top ↑