Cyber Security

Cyber security seems to be in the headlines so much more these days, from organised hacking groups to destructive and costly ransomware, state-sponsored attacks and lone cybercriminals we have seen it all.

Penetration testing is a modern-day necessity, and this is where someone friendly like us probes your company's entire I.T systems landscape to expose weaknesses, so you can plug any gaps before any outside threats maliciously target them, think of it as paying an "ethical" hacker to break into your systems so you can learn how they got inside.

Unlike most penetration testing firms, Zero42 specialises in helping small to medium-sized businesses uncover what threatens them the most and the steps required to protect themselves, with a host of services that even the non-I.T savvy will understand.

A typical mission

No two penetration test missions are the same, there are far too many variables but here are the steps each engagement will follow to give you some kind of idea of the work involved.

  • 01. Agreement & Scope

    Both sides agree on the scope of engagement and what is on and off-limits within our mission, after all, you may have some stuff you wish to hide.

  • 02. Planning & Reconnaissance

    Planning always takes time, we work hard to gather as much information about our target as possible and that means watching how your business interacts digitally as well as the people around you.

  • 03. Scanning Vulerabilities

    During this phase of the attack, we interact with our chosen targets and send probes deep into your digital infrastructure, we look for weaknesses in open ports and systems with social engineering and manipulation just like a rogue attacker would.

  • 04. Gaining Access

    Once the vulnerabilities have been identified we then carefully check each one in turn for access and to see which are exploitable and which provide us with the best leverage into the very heart of your infrastructure.

  • 05. Maintaining Access

    Now that we are inside your networks, we like to make sure that we can maintain access and move around without setting off any alarms or raising suspicion and that means replicating our methods of entry or creating our very own hidden entry points.

  • 06. Exploitation

    This is the phase where actual damage could be done, a real cyber attacker would try to get hold of data, compromise your systems and launch malicious code. Our experts will not however cause mayhem or do damage but prefer instead to leave behind little gifts for you to collect or pick up any flags you may have left for us.

  • 07.Evidence Gathering

    Now we have compromised most if not all of your systems, we put together evidence of our exploits in a digital scrapbook which you get to keep. This book will provide you and your team with insight into the methods used, and the information gathered.

  • 08. Final Reporting

    The final part of the penetration test is the generation of a comprehensive report detailing each of our exploits and providing you with best practices of how to prevent further attacks.

    We could always go further [additional fees apply] and actually implement any changes for you, or maybe run one of our fun security seminars to help educate your staff on how to best protect the business and themselves.

Penetration testing packages

We have three main packages, these fit the majority of end-user scenarios but we will also custom design something different for you if you prefer.

Image Description Yellow Package

Attack Mode One

Our basic penetration testing exercise, with everything a small business requires to evaluate security threats and assess weaknesses.

Image Description Red Package

Attack Mode Two

Our ever popular enhanced penetration testing package includes everything a business needs to determine potential threats and weaknesses including easy to access infrastructures such as wifi, CCTV and mobile.

Image Description Black Package

Attack Mode Three

Our ultimate penetration testing package, with no-holds-barred, we will simulate real-world coordinated attacks on your business data and your entire I.T landscape. We only take on a few BLACK packages each year, as the workload involved is fairly intense and time-consuming.

Yellow Package

Attack Mode One

For startups

£899
Price based on 10 office based employees or less
  • Social Engineering
  • Phishing Expedition
  • SQL Injection
  • Denial of Service
  • Domain &Mail Server Security
  • Social Media Scanning
Red Package

Attack Mode Two

For growing businesses.

£2499
Price based on 20 office based employees or less
  • Perimeter Scanning
  • Wireless Vulnerability
  • LAN Injection
  • Access Point Clone
  • Finance Manipulation
  • Recovery / Resilience Check
Image Description
Image Description
Black Package

Attack Mode Three

No holds barred attack

£4549
Price based on 30 office based employees or less
  • Physical Access
  • Canary Trap
  • Honey Pot Checks
  • Director Manipulation
  • VoIP & Mobile Clone
  • Employee Awareness Seminar
Most Fun

Cyber Security Seminar & Workshop

Informative & Fun.

£599
Seminar lasts aprox 2 ½ Hours plus question/answer session.
  • Maximum 30 people
  • Phishing Demonstration
  • Mobile Device Interception
  • Account Discovery
  • Social Media Manipulation
  • Social Engineering
Image Description
Image Description

Compare our mission attack plans

Yellow Red Black
Warm Up
    Information Gathering
    Reconnaissance
    Vulnerability Assessment
Attack
    Social Engineering
    Phishing
    Perimeter
    Wireless
    Physical
Additions
    Canary Trap
    Honey Pot
Penetration Test
    Exploitation
    Evidence
    Final Report
Extras
    Employee Awareness
Image Description
Image Description
Image Description

Cyber Security Seminar

If you want something fun and informative to get the security message out to your employees, then look no further than our Cyber Security Seminar, in which our top security expert and ex-hacker demonstrates several of the methods used by cybercriminals around the world to breach network security and sharing their suggestions on how your employees can prevent falling victim to these attacks both in their working environment and at home.

Be prepared for a bit of mischief and mayhem as we take your employees on a whirlwind tour of email spoofing, mobile phone interceptions, password discovery and social media manipulation, plus demonstrate how cybercriminals use simple social engineering techniques against their human targets.

  • Seminar handouts + USB
  • Online security quiz
  • Suitable for up to 30 delegates
Book Online
Logo
Our customers love us, and you will too. Highest quality products , competitive pricing and great service. What more could you possibly want?

Network Security Basics

Other Useful Resources:
Action Fraud
Action Fraud is the UK’s national reporting centre for fraud and cybercrime where you should report fraud if you have been scammed, defrauded or experienced cybercrime in England, Wales and Northern Ireland.

The service is run by the City of London Police working alongside the National Fraud Intelligence Bureau (NFIB) who are responsible for the assessment of the reports and ensuring that your fraud reports reach the right place. The City of London Police is the national policing lead for economic crime.
 Link to Action Fraud
National Cyber Security Centre
Launched in October 2016, the NCSC has headquarters in London and brought together expertise from CESG (the information assurance arm of GCHQ), the Centre for Cyber Assessment, CERT-UK, and the Centre for Protection of National Infrastructure.

The NCSC provides a single point of contact for SMEs, larger organisations, government agencies, the general public and departments. They NCSC also work collaboratively with other law enforcement, defence, the UK’s intelligence and security agencies and international partners.
 National Cyber Security Centre
MI5 Security Service
The men and women of MI5 are ordinary people who do extraordinary things. They have a strong public service ethos, yet their work often goes unnoticed in the public domain. They are intensely committed to keeping the country safe, and they are tirelessly professional and ethical in the way they conduct their work.
 MI5 Security Servic
Gov.uk
The best place to find government services and information
 Link to UK government website
Centre for the Protection of National Infrastructure
CPNI’s role is to protect UK national security. We help to reduce the vulnerability of the UK to a variety of threats such as Terrorism, Espionage and Sabotage.


CPNI works with partners in government, police, industry and academia to reduce the vulnerability of the national infrastructure.
 Centre for the Protection of National Infrastructure
Get Safe Online
Get Safe Online is the UK’s leading source of unbiased, factual and easy-to-understand information on online safety.

Their website is a unique resource providing practical advice on protecting yourself, your computers and mobile devices, and your business against fraud, identity theft, viruses, and many other problems encountered online. It contains guidance on many other related subjects, including performing backups and avoiding theft or loss of your computer, smartphone or tablet.

Every conceivable topic is included on the site, including safe online shopping, gaming, and dating to stay safe with everything you do online.
  Link to Get Safe Online

Network Security is the process of taking physical hardware and software preventative measures to protect the underlying network infrastructure from unauthorised access, misuse, modification, destruction, or disclosure.

Mitigating risk and prevention rather than cure is key to creating a secure platform for computers, users and programs to perform their individual functions. In today's business climate, network security must be top of the list of requirements for any I.T manager or online business.

The size of an organisation is usually pretty irrelevant to most computer hackers. However, the kudos of taking on the very biggest corporations is the driving factor behind any network attack for some. Most "unethical" attacks are carried out by individuals motivated by financial or commercial gain. While there are many things an organisation can do to reduce the risk of attack, there is no such thing as being totally un-hackable forewarned is forearmed.

We have over 35 years of experience in network design and systems security and have worked with some of the U.K.'s most prominent government agencies and blue-chip organisations. Our system security & evaluation skills are the same as those employed in signals intelligence and defence intelligence here in the U.K.

Hacktivate.

A white hat hacker is a computer security specialist who breaks into protected systems and networks to test and assess their security. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them.

The term "white hat" refers to an ethical computer hacker or a computer security expert who specialises in computer & network penetration testing to ensure the security of an organisation's information systems and network. Ethical hacking is a term first coined by IBM to imply a broader category than just penetration testing. Contrasted with the black hat, a malicious hacker, the name comes from Western films, where heroic and unfriendly cowboys would traditionally wear a white or black cowboy hat.

PENETRATION TESTING

  • We offer a wide range of "pen test" services tailored to each individual client's needs and system-specific requirements. We thoroughly document the entire testing process and demonstrate system vulnerabilities by adding pre-agreed code to weak points in your corporate network.
  • The methods employed by our security specialists will be varied and designed to replicate "real world" attacks, whether by curious individuals or talented hacking teams and government agencies.

ETHICAL HACKING

  • Aside from the regular penetration testing service, we also conduct a more aggressive approach to breaking into your corporate network. This may involve social engineering tasks such as employee exploitation or so-called "honey pots" designed to catch the more sophisticated network users.
  • Due to differing legislation worldwide, we only offer this service to U.K. based businesses, and only then upon the sanction of the board of directors. We do not provide this service to individual clients or those involved in political activities.

SECURITY CONSULTANCY

  • We recognise that not every business has the ability to recruit their own in house security specialist nor has the capacity to do so. With this in mind, we offer a one-to-one consultancy service, where we take that employee's place and can offer practical real-time advice to management or those tasked with providing your I.T services.
  • We regularly attend development meetings on behalf of clients and liaise with equipment and software suppliers should this be necessary or beneficial. Our consultancy service also extends to cover all aspects of forensic auditing and data reclamation.
lady holding charity box of toys
Image Description
Featured client
We asked Michael to sort out our telecoms and data at Pinewood Studios; we received such excellent service from his technicians that they now look after all of our UK sites. Very knowledgeable and highly recommended.

Need some help with your security just call the experts

* Advice is always free

0800 640 6042

Click to call
Image Description
Image Description