Evolved Penetration Testing Services

We help organisations evolve into secure, resilient and compliant businesses in an ever connected world through our Advanced Penetration Testing services. From a simple web application through to a prototype Hypercar, we can test it.

Hedgehog Security is a CREST approved member company operating in the UK, across Europe, the Middle East and Asia; and is a CREST approved Penetration Testing firm. Approved to carry out Cyber Essentials assessments through CREST.

OUR SERVICES

Penetration Testing

Our Penetration Testing service allows you to identify where weak-points exist in your cyber security. We are a CREST member company with a number of testers available for your projects world wide. Read more.

IT SECURITY HEALTH CHECK

We perform CREST approved IT Security Health Checks, performing a complete security audit of your digital infrastructure. From advanced vulnerability assessments to full firewall reviews, our IT Health Check service is the most comprehensive on the market. Read More.

VULNERABILITY ASSESSMENTS

Vulnerability Scanning provides you with a view of the vulnerabilities present in your systems on a regular basis. We can perform on off or regular scheduled vulnerability assessment as you require. Read More.

CYBER ESSENTIALS

Do you need Cyber Essentials or Cyber Essentials Plus? We can help. We offer a pain free solution to achieving your Cyber Essentials and Plus certifications as a highly competitive price. Read More.

Search our Site

news

Featured
We exploit Pulse Secure Connect SSL VPN
We exploit Pulse Secure Connect SSL VPN

There has recently been a number of security vulnerabilities in the Pulse Secure Connect SSL-VPN appliance published.

Read More →
News Roundup for the 31st of July 2019
News Roundup for the 31st of July 2019

News roundup for the 31st of July 2019.

Read More →
How to Pass Cyber Essentials - Part 3
How to Pass Cyber Essentials - Part 3

The third installment in the “How to Pass Cyber Essentials” series. In this post, I am looking at one of the most important, and often the hardest to pass section of the questionnaire. Secure Configuration.

Read More →
How to Pass Cyber Essentials - Part 2
How to Pass Cyber Essentials - Part 2

In my first post on “How to Pass Cyber Essentials”, I covered the initial sections which looked at your external facing systems and any cloud provisioned services you use. Now we move onto the Security Controls Questionnaire.

Read More →
How to Pass Cyber Essentials - Part 1
How to Pass Cyber Essentials - Part 1

We see a lot of Cyber Essentials applications through the year and over time it has become clear that some businesses are, quite understandably, not really understanding the questions.

Read More →
It does not matter how secure you are, if you use Server 2008
It does not matter how secure you are, if you use Server 2008

Hello folks and welcome to the fourth mini paper in my series "from the darkened room". This mini paper is looking at what actually goes into the reconnaissance part of a penetration test, and how the recon phase alone meant game over on a test.

Read More →
DANGERS OF BUYING A LAPTOP ONLINE
DANGERS OF BUYING A LAPTOP ONLINE

Having worked for both Blue Teams and Red Teams, I am automatically paranoid that everything is a potential threat.

Read More →
News Roundup for 12th July 2019
News Roundup for 12th July 2019

News roundup for the 12th of July 2019.

Read More →
Why Clickjacking is bad and some pentest firms are wrong
Why Clickjacking is bad and some pentest firms are wrong

I work with a fair few ladies and gents who do bug bounties and while sitting on the beach during one of our hack on the beach sessions, I posed the question “How friggin evil is clickjacking, PoC or GTFO.” The challenge was set, and here is what we decided.

Read More →

Testimonials

Hedgehog have worked with us for since 2010 and have streamlined the entire IS function, helped us achieve ISO27001 and turned security in a business development asset. I would highly recommend their CCA service to any business that does not have its own CISO.

IT Director - Northcott Global Solutions

Hedgehogs tailored monthly Cyber Risk Reports mean we can reduce the effort needed to maintain our ISO27001 compliance. In fact, their CCA program means we can focus on doing business rather than worrying about maintaining compliance. It keeps us, and our clients, happy.

Managing Director - Masbro Insurance

Latest Tweets