They trust boxxe
Penetration testing - What you get
CREST accredited PenTesters
A quality service you can trust. Why? Our CREST accredited service was independently audited to confirm our quality PenTesting processes; our compliance with ISO27001 and ISO9001 standards; and the high standards we use to keep your data safe.
6 categories of PenTest
Choose from six expert penetration test areas: Infrastructure, Web Applications, Social Engineering, VPN configuration, Firewall and Network Security.
Live vulnerability report
Every penetration test includes free access to SecurePortal*, a live dashboard that reveals vulnerability data as it's discovered. The result? Remediate at a second’s notice, and cut immediately any risk of your data being exploited
* Powered by Pentest People
- The 6 Steps in our Penetration Test -
Delivered in partnership with Pentest People - our joint CREST, Check and NCSC-accredited expertise, and pioneering SecurePortal platform, make our joint service one of the most comprehensive, affordable and qualitative Penetration Tests available today.
Here's how we do it ...
We start by setting the parameters for the project. Once agreed, Pentest People use their SecurePortal to share scoping documents and securely communicate project updates as the penetration test gears up to launch.
Using the public domain, search engines and public records - we'll collect collect information about your organisation and network. In the case of an internal assessment, we'll also investigate your wired and wireless networks for network protocol information, addressing details, and user credentials.
Next, we'll look for active hosts and any open ports to see what services are running, and the host operating system.
First, we'll check your operating system and services for known vulnerabilities and privileged access levels that can be achieved. Don't worry, we don't run check's that'll affect services (but they can be can be included by request).
We'll attempt to access any services we find that require a username and password with the default password, and also commonly used username and password combinations.
Next, we present you with an executive summary of our findings and a more detailed report. We include:
- Key findings
- Top ten remedial action recommendations
- A table of hosts, including open ports identified, services available on those ports, identified vulnerabilities and remediation advice.
- All identified vulnerabilities, categorised by severity level.
Your executive summary and full report are are uploaded to the secure document area of Pentest People's SecurePortal. Next, we'll schedule a de-brief meeting.
Here, we'll discuss any major issues arising from the assessment and answer any questions you have.
We don't just find problems - we're a full service security service provider. If any security gaps have you stumped, we can provide the expertise, hardware, software or managed services to fix them for you.
It's completely optional, but the extra support is there if you need it.
Fix any issues found
Who wants to be left with a list of issues they can't fix? We can fix any vulnerabilities that leave you stumped. From hardware and software provision, managed services to consultancy - you've got support for plugging any security gaps.
Become Ministry of Defence-level secure
We can help you become as secure as the Ministry of Defence - a cyber defence titan who we've supported for 30+ years.
EXPERTISE IN ACTION
What happens when you try hacking a security expert?
Someone tried hacking boxxe last June ...
We hate to say it, but if people are trying to hack cybersecurity experts like us - they're definitely trying to hack you. The difference? Well, find out how it went for our would-be hackers.
(spoiler: not well)
Our clients love us
Your pain? We understand.
That's why we do what we do, and can provide you with a service like no other.
THE NITTY GRITTY
Frequently asked questions
1. Are testers CHECK and/or CREST certified?
Your tester will have both certifications. That means you can be confident that the knowledge, skills and competence of the professional delivering your penetration test are at the highest standards, as confirmed by external experts.
Interested in finding out more about the benefits of Penetration Testing?
To start finding IT security gaps that other tests miss, call us on the number below or fill in the form and we will be in touch.
Need more information? Read our Service Overview
See more about how our Security Analysts can find vulnerabilities and immediately cut any risk of your data being exploited.