Security Service
Our Security Service combines penetration testing and regular vulnerability scanning. Testing is carried out by our CREST accredited staff who look for exploitable vulnerabilities as well as triaging issues found in scanning. Issues found from both approaches are prepsented in a report together with remediation advice.
Features
- Web penetration testing carried out by CREST accredited test professional
- OWASP Top 10 used as basis for web penetration test
- Testing approach divided into three, test planning, reconnaissance and execution
- Recommendations on hardening for future attacks
- Scanning, triaging and reporting with agreed frequency
- Encrypted penetration testing report
- High priority blocking issues discussed immediately with client
- Automated and manual testing techniques used
- Web application front-end and admin areas focused on
- Secure project folder maintained for testing outputs
Benefits
- Independent testing from CREST certified practitioner
- Reveal flaws and ensure data is protected in the future
- Recognised as well as proprietary techniques used to reveal vulnerabilities
- Non-destructive test techniques used wherever possible
- Test tools configured not to overload infrastructure
- Automated scans monitored by our staff
- Clear and practical approach shared with client
- Pen test as part of Zoonou’s security assessment
- Complete audit of all available application pages
- Satisfy compliance and legal requirements
Pricing
£410 a person
Service documents
Request an accessible format
Framework
G-Cloud 12
Service ID
7 3 1 3 8 6 9 3 2 0 7 1 5 3 9
Contact
Zoonou Limited
Rhodri Alexander
Telephone: +44 (0)1323 433700
Email: digitalgov@zoonou.com
Planning
- Planning service
- Yes
- How the planning service works
- Zoonou provides a test advisory service to determine the requirements of any cloud project or programme of work and will advise on strategy, recommended QA processes, test approaches, tools and environments and so on. Zoonou conducts test planning activities for cloud hosting and software services, including test case design, high level test plans, the generation of test scripts in line with business requirements, the creation of test data and user requirements. Together with any approved documentation such as wireframes, designs, and technical / functional specifications Zoonou will develop test planning to support any cloud activities.
- Planning service works with specific services
- No
Training
- Training service provided
- Yes
- How the training service works
- Using onsite, virtual and eLearning methods Zoonou delivers bespoke training which helps customers build the skills they need to confidently deliver cloud and software testing services. Led by Zoonou’s qualified team of professionals, a syllabus is tailored to the customers’ requirements and skill levels, whether those needs are focused on beginner topics or advanced areas of study.
- Training is tied to specific services
- No
Setup and migration
- Setup or migration service available
- Yes
- How the setup or migration service works
- Zoonou can provide test strategy, planning, execution and reporting for the migration of applications and services to the cloud or between cloud services. Testing ensures that systems have been migrated correctly and that they function and perform consistently with the existing system. Testing often focuses on data migration, where checks are carried out to verify that data has been transferred to the new system without error. Migration testing combines different testing techniques as well as the creation of test data.
- Setup or migration service is for specific cloud services
- No
Quality assurance and performance testing
- Quality assurance and performance testing service
- Yes
- How the quality assurance and performance testing works
-
Zoonou specialises in testing and quality assurance services and is able to provide a full range of end-to-end test solutions across the lifecycle of a development project or programme. Our test consultancy service determines the strategy and requirements of any application under test, as well as providing QA processes, test execution, tools and reporting. Test design, scripting and documentation focuses the test effort to achieve coverage and that is traceable, measurable and repeatable. We offer consultancy, manual and automated testing as well as compatibility testing. Additionally, we offer Crest accredited Security testing, Accessibility and User testing.
For Performance Testing, our in-house Load testing team uses industry standard tools and techniques, to ensure that the limits and stresses of a product are understood and perform well at launch. We also offer Application Performance Monitoring to provide a long term assessment and reporting of application KPIs in a live environment.
Security testing
- Security services
- Yes
- Security services type
-
- Security strategy
- Security risk management
- Security design
- Cyber security consultancy
- Security testing
- Security incident management
- Security audit services
- Certified security testers
- Yes
- Security testing certifications
- CREST
Ongoing support
- Ongoing support service
- Yes
- Types of service supported
- Hosting or software provided by a third-party organisation
- How the support service works
- Zoonou provides ongoing support through our vulnerability scanning and application performance monitoring services that form part of our security and performance services.
Service scope
- Service constraints
- Zoonou's test execution services are offered remotely with most consultancy taking place onsite. We can offer options around that model in order to suit the needs of our clients.
User support
- Email or online ticketing support
- No
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- No
- Support levels
- The Zoonou team allocated to a test and QA project is available for contact via multiple means: telephone, email, webchat for support throughout the duration of our service Monday-Friday 9am-5.30pm (UK time).
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2012
- Government security clearance
- Up to Security Clearance (SC)
Pricing
- Price
- £410 a person
- Discount for educational organisations
- No