Identifying known vulnerabilities means action can be taken to mitigate risks.

It is not enough to have a patching policy alone. You can’t be sure you have addressed everything unless you check, so independent verification is a valuable asset to have.

There are two primary options:

1. External Vulnerability scanning – required by compliance to be carried out Monthly/Quarterly, your Public facing services are checked for known vulnerabilities, so you can take action to address known compromises.

2. Internal Vulnerability scanning - required by compliance, internal scans are carried out monthly to identify vulnerable applications essential to help mitigate compromises.

Pen Testing (Penetration Testing) is generally carried out once a year. We use a CREST certified partner to ensure reporting is independent. Most organisations and regulation don't permit internal IT teams or MSP's to conduct tests on the environments they manage. It differs from Vulnerability scanning in that it is carried out by a skilled certified individual. It’s a more serious attempt to find compromises and designed to simulate an attack. Pen testing can be a very broad topic, and you should at least have one pen test per year on external facing services. It’s required under most compliance standards.

B22 provides a comprehensive range of Cyber Security Services:

- SOCaaS (SOC as a Service)

- Defence in depth strategies

- Gap Analysis / Reviews

- Compliance GDPR, ISO, PCI, FCA, Cyber Essentials

- Protected DNS Services

- Vulnerability scanning

- Pen Testing

- SIEM Solutions

- Monitoring Services 24x7

- Data Loss Prevention

- Data/Endpoint management and Encryption

- Supported 24x7

More services available upon request

Sales

0333 339 8621

sales@b22solutions.com

Support

0333 339 8621

support@b22solutions.com