A NEW HOPE IN PENETRATION TESTING
SECFORCE Introduction SECFORCE is a leading Security Consultancy based in Canary Wharf, specialising in the delivery of bespoke penetration testing services to large organizations with the most stringent and mature security appetites. We have been a CREST certified penetration testing consultancy since 2009, making us one of the earliest adopters of the scheme, underpinning 5 years working with some of the most mature and security demanding organisations in the UK and abroad. We are also fully ISO9001 and ISO27001 certified organization. As a company with a heritage of technical excellence, we constantly strive to improve our service delivery, through increasing the skillsets of our staff and keeping them highly motivated.
The SECFORCE Difference We don’t believe that we are just delivering a technical penetration test. We look upon Security Testing as a vehicle to give our customers visibility of their security issues. Testing companies will typically provide a detailed report highlighting vulnerabilities identified, prioritised by criticality and offering advice for fixing specific issues. At SECFORCE we take a more holistic view. As well as providing you with a detailed and meaningful report, we will give you with all the necessary support to ensure that you understand the issues from both a technical and business context. Whilst it is helpful to advise you on fixing a single vulnerability, if there are recurring vulnerabilities identified in testing, we strive to be pragmatic and make suggestions that make a difference in the long term, rather than just papering over the cracks. We provide meaning advice with from a strategic perspective. We communicate our ideas through wash up calls at periodic times throughout testing and through a project wrap up call or meeting once the report has been delivered.
Enforcing Consistency in Project Management We use bespoke project management software to enforce consistency. Our customers tell us that they get fed up with dealing with testing companies who do not listen to them or have to keep reminding them about special requirements. We have listened, and developed this tool so that we only have to be told once! At the beginning of a new relationship with a customer we outline any special requirements and feed them directly into our tool. By virtue of doing this, as soon as a test is allocated to a technical lead, they will get sent an email outlining the requirement, number of days and any special requirements. For very test they will automatically be aware of these special requirements. Individual requirements can also built into individual projects on a case by case basis.
Technical innovation! NEW Penetration testing Tool We are very active in the testing community by writing relevant blog posts and releasing exciting new tools that will help to raise standards in a sometimes complacent industry. Our new tool, SPARTA has just been released this month and makes internal penetration testing easier for testers, without compromising on the quality of output. SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. A demo, screenshots and the download is available via this URL: http://sparta.secforce.com
Unique Reporting We offer the most unique reporting in the UK marketplace. As well as a high quality PDF report, we offer our clients remediation plans (in MS Excel), Online reporting (accessible via PC, Tablet or Smartphone), and we can feed the findings from any project into leading project management software such as JIRA, GitHub, BitBucket, etc, making the transition between testing and mitigation seamless. Whilst our innovation is a key differentiator for our clients, we never lose sight of the fact that every customer has different needs. We are always ready to work on new ideas with our customers to build and maintain a mutually rewarding relationship.
Our Key Areas of Specialism SECFORCE delivers high quality penetration testing. Our specialities, where we feel that we are market leaders and we provide the absolute highest degree of security assurance include the following:
Web & Thick Clients Application Testing we have been innovating with tools such as Tunna, and contributing to the industry with the OWASP organization. External & Internal Infrastructure testing we are pushing the boundaries with tools such as SPARTA, to provide the greatest value to our customers. API Testing and Fuzzing Techniques SECFORCE has plenty of experience in the delivery of API library testing and research via fuzzing techniques.
The Best of the Rest These are the other types of test that we undertake on a frequent basis:
Infrastructure Assessment
Application Assessments
Mobile Device Testing
Application Penetration Test
Wireless Assessments
Mobile Application Penetration Test
Firewall Assessments
Source Code Review
Host Configuration Review
Application Threat Modelling
VPN Assessments Physical Security Assessment Embedded Device Testing
Aegon House, 13 Lanark Square Canary Wharf - E14 9QD, London
+44 (0) 845 056 8694
www.secforce.com
info@secforce.com