About Pentest

Find out everything you need to know about Pentest Ltd.

Information security experts since 2001

At Pentest, we believe that information security assurance requires more than a one size fits all approach. That’s why our information security testing services have been designed to go further.

Founded in 2001, we work in partnership with our clients, providing them with bespoke and adaptable testing services to ensure they can be as confident as possible in their information security, whether it be their internal systems or applications developed for third parties.

It’s this approach, as well as our technical capability, that has led us to develop long-term working relationships with organisations across the world, from global tech companies, with large, complex test requirements through to small companies requiring a single annual test.

So, whether you’re a multinational looking to protect yourself against an advanced cyber-attack, a medium-sized organisation looking for assurances around an application or a start-up looking for initial security advice, we’re here to give you confidence in your information security.

Why clients choose us

We pride ourselves on the support we offer our clients, but this isn’t the only reason clients work with us year after year. So, what do our clients value most about our working with us?

Technical capability

We have proven technical capability, with methodologies and processes that have been developed over 20 years. Our team of security consultants come from a diverse range of backgrounds, have years of experience and a depth of expertise in information security testing. We do not engage with third parties to deliver any testing service, which allows us to ensure the highest standard of work.

Our targeted, low utilisation rate provides our consultants with the time to conduct research, undertake training, take part in CTF competitions, and speak at industry events. This keeps their skills up to date, our staff retention high, and ensures our clients continue to get the best possible results.

Client focused approach

We deliver services that meet our client’s business needs, adapting our way of working to suit them, not the other way around. Many of our services and solutions, such agile testing and ticketing integration, were created in response to specific client needs and we welcome client suggestions on how we can add value to their service.

Every client is appointed a dedicated account manager to co-ordinate their engagements, and we provide access to consultants throughout testing, as well as the remediation process. This means vital client knowledge is retained in-house, vulnerabilities can be reported directly, and our expert advice can be easily passed on.

Take the time to understand your needs

No two organisations are the same, that’s why we take the time to get to know our client's business, their security concerns, the environment under review, and the desired outcomes before we put forward a tailored proposal of work. We understand the importance of testing to our clients and try to provide flexibility, wherever possible, in our scheduling, in-test reporting and communications, as well as our post-test support.

Trusted advisors, not just test providers

Our business is built on trust and integrity, as well as the quality of our work. We pride ourselves on the accuracy of our scoping and always aim to do what is best for our clients, even if that means suggesting a different course of action or recommending a service we do not provide. We also welcome clients to contact us outside of standard test engagements when they need information security advice or recommendations.

We challenge you...

We believe that the most successful security improvements come from being challenged. To do this, we only employee the very best security consultants and all our testing is consultant led, meaning we can delve much deeper than automated approaches. As one of our clients put it – “you make us work harder, but we know we’re more protected as a result.”

...to improve your security posture

Our job doesn’t finish on delivery of a test report, our consultants will be available following the report to provide clarification on findings, to assist technical remediation efforts and pass on their wealth of expertise to internal teams, stakeholders and/or external partners.

Providing the assurances you need

We’re ultimately here to provide our clients with the assurances they require, Assurances that their organisation, customers, suppliers, and partners are as protected as possible. We achieve this through our in-depth, tailored reporting process, which ensures that vulnerabilities are easy to understand, and mitigation efforts can be completed successfully. Where required, we can supply a summarised report of testing to satisfy any third-party requirements.

Like what you see?

Contact our team and find out how we can help you obtain the information security assurance you require.

Supporting our community

Our ethos of support doesn’t just apply to our clients. Pentest is a firm believer in supporting our staff and the communities in which we work. We set aside time to training and development, research projects, pro bono work and to community education. Not only does this keep our consultant’s skills up to date but it also allows us to pass on our expertise.

Team-2

Training & development

Information security is a constantly evolving landscape and it’s vital that our consultants keep up to date with the latest threats, techniques and tools in order to provide our clients with the highest possible standard of work.

We set our consultants personal training and development goals, providing them with the time and resources they need, whether they are working towards industry recognised certifications or conducting individual study projects.

Industry events

We set aside time for our consultants to attend industry conferences such as BlackHat & DEFCON, to name a few. We see these as vital opportunities for our consultants to learn more about the latest developments in our industry.

We also encourage our consultants to take part in high-profile Capture the Flag (CTF) challenges, such as the Hack-A-Sat challenge run by The United States Air Force. These challenges give us a chance to learn, develop our skills in new areas and to put ourselves to the test against some of the best CTF teams in the world.

Team-3
Team-1

Supporting the infosec community

The Information Security community is a close knit one and it’s one that openly encourages the sharing of knowledge and ideas to benefit everyone. We are proud members of this community and our consultants have spoken at events such as BSides, DEFCON & BlackHat.

We also contribute by designing and running CTF challenges for the community to take part in. Our CTFs are designed to mimic vulnerabilities that we find in our real-world penetration testing and red teaming engagements and seek to replicate them faithfully, allowing others to learn and develop their skills.

Giving back

Our aim is to provide over £20,000 of information security work on a pro bono basis, supporting the important work of organisations and charities, work that benefits us all as a society.

Examples of the pro bono work we have conducted include:
> JoinZoe, Covid19 symptom tracker application
> Xploro, health information platform 
> The University of Edinburgh, Coronagenes study
The Brain Tumour Charity
Action for Children

Get in touch

Looking for an information security speaker at your event or know of a well deserving organisation that could benefit from our pro bono support? Get in touch, we’ll see if we can help. 

Want to know more?

Use the links below to find out more about our industry accreditations, tailored reporting options, our research projects and the latest job opportunities here at Pentest.

Accreditations

We work to the highest possible standards and hold several key industry certifications, accreditations, memberships and awards. You can find out all about them here.

Tailored Reporting

Not all reporting is created equal. Find out how our tailored reporting options can provide you with the robust and ongoing assurances you require.

Research

We invest significant time in security research projects, honing and developing skills which allow our consultants to deliver the best possible results. 

Careers

Fancy coming to work with us here at Pentest? Of course you do! Take a look at our latest opportunities. 

We're here to give you confidence in your information security.

Contact our team today and find out how our services can help you obtain the information security assurance you need.