JUMPSEC offer a comprehensive range of testing and assurance services that will provide you with a measurement of risk exposure and advice on how to best secure your assets.
Internal and external Penetration Testing can be conducted from a Black, White, or Gray Box perspective.
- Test the security of your technology
- Test the security awareness of your people
- Test the strength of your processes
- Identify and address the weaknesses and exposures in your business
Services backed by robust methodologies drawn from OSSTMM and CREST.
We help secure you apps and ensure they are trustworthy. Decompilation of the installed app allows our technical team to perform in depth application analysis looking for security bugs in the source code and application itself.
- Mobile app and server-side testing
- Misconfiguration and finding sensitive information
- Access permissions, injections and error messages
Testing consists of discovering the vulnerabilities within and the likely threats to both your Website and Applications. It can be quite alarming to be told you’re vulnerable so we are equally adept at helping our clients find and implement solutions that mitigate or reduce the risk of compromise.
- Web application security assessment
- Application threat modelling
- Automated and manual code analysis
- Web server configuration assessment
Advanced simulated attacks (ASA) allow for thorough in depth testing that could not be otherwise done on a production network with the risk of downtime. We simulate various high-level real world attacks with or without specific goals in mind.
- Latest security vulnerabilities exercised and utilise different attack vectors
- Notes detailing what was done and how to defend against it in the future
- Hardening and tuning your defensive systems for optimum security
We take social engineering testing seriously, we perform multi pronged attack such as using telephone pretexting, vishing, phishing and browser based exploitation attacks. Here are some of the most common goals:
- Obtain access to premiss and steal equipment
- Collect information, plant rogue devices
- Social engineer employees for information
Responding quickly is key to any security breach, we provide incident handling and management services and track the threats down one by one. We strive act quickly and minimise the duration of impact.
- Pinpointing source of breach
- Device isolation and network tapping
- Forensic analysis of logs
Helping you reduce risk from cyber threat by regularly identifying vulnerabilities so that you can understand, prioritise and remediate them.
Because new threats and vulnerabilities occur all the time, and on a regular basis, we recommend organisations take our Managed Vulnerability Scanning as the next logical step in their cyber security defence strategy. It is a complimentary service to Penetration Testing.
Daily scanning and re-testing of you network infrastructure with proactive alerts and scheduled monthly reports help you to mitigate risk of cyber threats to your organisation on a continuous basis.
Managed Vulnerability Scanning is recommended for any organisation with public facing servers or interactive websites.
JUMPSEC Managed Vulnerability Scanning combines industry leading scanning software with JUMPSEC’s in-house expert team to deliver both proactive and scheduled expert identification of network and web vulnerabilities.
Your network infrastructure transports the lifeblood of your organisation, information. We will assess your organisation’s core, distribution and access level network infrastructure to identify areas of the network that expose key components to the myriad of threats out there.
- We can evaluate IDS/IPS and other alerting or control mechanisms.
- Firewall and network topography reviews
- Network segmentation analysis and data flow analysis
- VPN Evaluation
We help identify where the architecture of your network can be more effective and provide workable advice to improve.
At JUMPSEC, we recognise that consultancy services aren’t just about Ethical Hacking, the sometimes complex relationships between threats and vulnerabilities that together represent a business risk must all be quantified. Our experience and expertise can guide organisations and provide strategic insight around the complex issues of governance, compliance & legislation and all aspects of a security transformation project.
JUMPSEC offer the very best in group security training workshops. We can offer our own course syllabuses, or bespoke a course to your requirements. A sample of the courses we run:
- Security awareness
- Introduction to penetration testing, tools and techniques
- A guide to the management and procurement of penetration testing services
- Mobile application hacking
- Secure Development Life Cycle and Secure coding practices
We are more than happy to discuss any specific requirements you may have.