Taking no chances with customer data

Ensuring ISO 27001 compliance with daily vulnerability scanning and annual penetration testing.

Jigsaw Create Logo

At a glance

Challenges

  • Penetration test needed for ISO 27001 compliance

  • Spikes in unplanned workload

  • No visibility of vulnerabilities in between penetration testing

Benefits

  • Highly detailed expert penetration test report

  • Reduced workload due to Cyber Safe's frequent vulnerability scanning

  • Low risk profile year-round as vulnerabilities found within 24 hours

Objectives

We are a rapidly growing software company that takes the security of data extremely seriously. Our Web Application is used by all of our customers so it's essential we not only protect ourselves but also our customers data.

For some time, we have been Cyber Essentials Plus and ISO 27001 certified, while also undertaking regular penetration testing.

However, traditional penetration testing is resource intensive and remediation of vulnerabilities is time consuming. Once complete, there is a lack of visibility of potential threats and vulnerabilities until the next pen test, thus leaving us exposed in between testing. We wanted a better way of managing the workload and our exposure to risk.

Solution

Melius Cyber conducted a penetration test to dig deep and detect all potential security risks. Their professional team of experts then provided us with a detailed report of their findings and suggested actions for remediation.

Now with the implementation of the Cyber Safe platform, we have visibility of vulnerabilities across our key security controls. This not only enables us to keep on top of our remediation but helps to reduce our risk to threats.

Benefits

The penetration test provided us with definitive data that was vital to our web application's security.

It also fulfilled our ISO 27001 requirement and ensured compliance and adherence to our information security policies.

Cyber Safe gives us daily visibility of any vulnerabilities detected along with the level of severity and risk to the business. This enables us tackle threats as they arise - as opposed to waiting in the dark for months until the next pen test. We are confident that it will also reduce the amount of effort required to remediate any future remediations in subsequent penetration tests.

“We are extremely pleased with the high level of detail included in Melius Cyber’s penetration test reporting, making it easy to remediate vulnerabilities. The continued daily scanning means we are now aware of vulnerabilities as they appear and it’s nice to know there won’t be as much work next year.”

Richard McLaughlin - VP Technical Operations

About the Customer

The leading web-based tool focussed on professional services (legal, accountancy and financial institutions).

The tool is used for creating diagrams and visualisations to explain complicated ideas.

Contact
  • Newcastle office: 0191 249 3003
  • London office: 0203 793 9679