IT Health Check

The threat landscape is evolving at escalating speed. Our managed security services are designed to serve as a remote extension of your security staff.

CREST approved IT Health Check for:

  • Public Service Networks
  • Private Sector
  • Due Diligence
  • Annual Assurance

PSN and Private Sector IT Health Checks

Organisations connected to the Public Sector Networks require regular assessment of technical information security controls in place and guidance as to how these controls can be improved to reduce technical risk.

Hedgehog Security provides PSN connected public sector organisations with a simple, straightforward fixed price PSN Health Check service that covers both external and internal PSN Health Check requirements in one simple solution. We will work with you to produce a testing scope in accordance with PSN Health Check requirements, provide a thorough assessment of systems and resources within the testing scope, and provide detailed but easily digestible reports containing recommended corrective actions considering the time and resources at your disposal.

Internal testing

This stage involves both automated and manual assessment of the internal network, in order to ascertain that technical controls in place are adequate to protect IT data and systems from internal threats. In addition, a typical IT Health Check will include:

  • Testing of WiFi security to ensure both staff and guest access is adequately secured.
  • Desktop and Server build reviews to ensure that system configurations are adequately hardened before deployment and that best practice is being adopted in regard to authentication and patch management.
  • A technical review of security gateways (firewalls, VPNs, etc) to ensure that rule-sets and system configurations are suitably secured.
  • A build review of remote access solutions, including use of encryption to protect data in transit and at rest.
  • A review of BYOD (Bring Your Own Device) practices within the organisation.
*The above scope is merely an example of a typical PSN Health Check, and it is important that PSN customers can demonstrate to their assessors that an adequate scope of testing has been adopted.

External testing

This consists of both automated and manual vulnerability assessment of your externally facing network perimeter, including web applications, VPNs and any other potential points of network entry. We combine automated scanning, which by itself is limited in effectiveness, with manual verification and assessment to ensure that false positives and negatives are removed.

This is the same with the internal aspect of testing, all results will be compiled into a report and the remediation actions will be added to a separate remediation spreadsheet.

Where you use third party service providers with access to the corporate network, their network perimeter may have to be considered an external connection and tested accordingly.


Due to the manual way in which we perform our vulnerability assessments, our prices can be higher than our peers in the industry. Our prices (excluding VAT) are as follows:


£ 2,400

1 - 100 Internal IPs
1 - 25 External IPs
1 Firewall
2 Wireless Networks
1 Type of Phone
1 Type of Tablet


£ 4,000

101 - 500 Internal IPs
26 - 50 External IPs
2 Firewalls
3 Wireless Networks
2 Type of Phone
2 Type of Tablet


£ 5,600

501 - 750 Internal IPs
51 - 100 External IPs
3 Firewalls
3 Wireless Networks
3 Type of Phone
3 Type of Tablet



751+ Internal IPs
101+ External IPs
3+ Firewalls
4+ Wireless Networks
Multiple Phones
Multiple Tablets

Terms and Conditions

The above packages include both the external and internal components of the PSN Health Check. All prices are plus VAT. Organisations will be assessed individually on size. Joint applications will not be accepted. Mainland UK PSN connected organisations only. Final testing scope is at our discretion.