Consult & Assess2018-06-11T14:12:18+00:00

CONSULT & ASSESS

SPEAK TO AN EXPERT
SPEAK TO AN EXPERT

Be prepared in the event of attack

Professional Services to address the myriad of cyber security challenges

Our Consult and Assess Services

Security Testing
Governance, Risk and Compliance
Security Strategy and services
Security Architecture and design

Why choose Trustmarque’s Consult and Assess professional services?

We sit among the most relied upon cyber security providers nationwide. We deliver technologies, processes and practices at the earliest concept designed to protect networks, computers, programs and data from attack.

Our Consult and Assess services

Security Testing

A range of audits and assessments, using technical and non-technical means, to test your organisations defences and resilience against adverse events, including hostile attack.

Vulnerability Assessment

This assessment uses a combination of both automated tools and manual testing techniques to evaluate the security of your IT systems.

Firewall Security Assessment

This assesses the boundary defences of your organisation.

Network Device Configuration Review

This process assesses the security posture of routers and switches.

Network Penetration Test

This test follows a set methodology using manual techniques to identify and exploit discovered weaknesses.

Server Build Review

This offers you a comprehensive view of your servers’ security status, this is mainly on host auditing with authenticated scanning.

Wireless Network Assessment

This assessment ascertains if appropriate security measures have been implemented to ensure only authorised personnel can connect to the network.

Web Application Penetration Test

This test follows a set methodology and manual techniques to identify and exploit discovered weaknesses.

Client Security Evaluation

This gives you a comprehensive view of what is possible from a user’s perspective, this is mainly testing for privilege escalation.

Source Code Security Review

This is a detailed security review of an application’s source code following a set methodology and using a combination of automated and manual analysis techniques.

Phishing Campaign Assessment

Phishing campaigns are email and telephone based, the purpose is to identify staff open security awareness.

Mobile Application Penetration Test

This test follows a set methodology and manual techniques to identify and exploit discovered weaknesses.

Red Team Assessments

This assessment provides an invaluable service identifying security vulnerabilities in your overall security architecture.

Malware Defence Testing

Ensuring the defences you have in place are robust enough to cope with todays advancing malware threats.

Assessment Packages

We can also provide bespoke packages tailored to your specific organisational requirements where necessary.

Perimeter Security

This is an entry point assessment pack ideal for companies that have not previously assessed their external perimeter.

It combines a set of detailed tests and is designed to highlight which of the company assets, carry the greatest exposure to external threats.

The tests enable an accurate understanding of the vulnerabilities that exist and highlight areas where mitigation / preventative actions should be taken before an event occurs.

Mobile 360 Security

This package has been designed to provide application developers with an assurance that their mobile client applications, server back end and application communications are secure.

Combining a server side application security test; an iOS and/or Android client app test and a client-server communication test.

Pen Testing/Vulnerability

A series of combined Penetration testing and Vulnerability Assessment Packages which can be used to test vulnerabilities within specific areas of an organisations infrastructure.

  • Network Penetration and Vulnerability Assessment – assessing the resilience of your infrastructure against compromise
  • Web Application Penetration Test & Vulnerability Assessment – assessing the resilience of your web applications against compromise
  • Mobile Application Penetration Test and Vulnerability Assessment – assessing the resilience of your on device applications and server side APIs against compromise

Desktop Security

This package examines the security of the user’s desktop and the protection in place to avoid contamination by, and propagation of, malware.
Combining a workstation build review (Client Security Evaluation) and Malware Defence Testing package to provide organisations with assurance that their desktop and malware defence controls are operational and effective.

Cloud & SaaS

This combination of Network Penetration testing of your cloud infrastructure together with Web Application Penetration Testing of the associated SaaS application can be used to provide customers with an assurance that their Cloud hosted infrastructure and SaaS applications are secure.

Phishing Campaign

Assessments under a sanctioned and controlled testing structure to identify the risk level and vulnerabilities within your organisation to a Phishing attack.

Trustmarque will then work with your organisation to develop a programme to address key issues and risks based on the outcomes of the Phishing Campaign Assessment.

PCI DSS 360 Security Test Package

This package has been designed specifically in line with the various security testing requirements detailed in the PCI Data Security Standard.

Social Engineering & Cyber Awareness

A series of packaged training and certification programmes and interactive digital simulation packages specifically designed to educate and increase awareness within your workforce thereby building cyber resilience across your organisation.

Governance, Risk and Compliance

The design, implementation and maintenance of effective regimes to deliver formal compliance for your organisation to international standards in quality, security and risk.

ISO 27001:2013 Information Security Management Systems

The design, implementation and maintenance of effective regimes to deliver formal auditable compliance to international standards in information security management.

ISO 27005: 2011 Risk Management

The design, implementation and maintenance of effective regimes to deliver formal auditable compliance to international standards in risk management.

ISO 22301: 2012 Business Continuity

The design, implementation and maintenance of effective regimes to deliver formal auditable compliance to international standards in business continuity management.

Assessment Packages

Trustmarque Cyber Security can also provide bespoke packages tailored to your specific organisational requirements where necessary.

General Data Protection Regulation (GDPR) Assessment Package

This package helps your organisation assess and understand its current GDPR compliance status and the key requirements of the legislation. Trustmarque will then work with your organisation to develop a programme to support meeting the compliance deadline of 2018.

Security Strategy and Services

The design, implementation and maintenance of effective regimes to deliver formal compliance for your organisation to international standards in quality, security and risk.

Security Strategy (CISO)

Complete education, assessment, analysis and advice service for the purpose of enabling your security posture through strategy.

Security Services

Complete education, assessment, analysis and advice service for the purpose of bringing compliance through alignment and rigour.

Security Architecture and Design

Solution Security Architecture

Embedding security into the heart of projects to ensure design best practice is maintained and the attack surface is minimised.

Network Design Review

Designed to ensure that your network is validated against industry best practices for performance, reliability, and resiliency and security.

Get in touch

Contact us to find out more about Cyber Security

SPEAK TO AN EXPERT
SPEAK TO AN EXPERT