ESS Advisory Practice provides a full range of penetration testing undertaken both internally and externally to identify technical vulnerabilities that might be exploited by an external attacker or disaffected internal user.  The technical assessment can often be complemented by simulation of ‘social engineering’ attacks or simulated denial of service attacks to provide a rounded assessment of the security posture of an organisations. ESS Advisory provides a single point of accountability and works with approved partners to provide penetration testing services in accordance with CESG CHECK, CREST and PCI requirements.  The penetration testing includes consultant led scoping, testing and delivery with clear technical and non-technical reporting including daily de-briefs on identified vulnerabilities. Penetration testing services include:

• IT Health Checks and penetration testing
• Infrastructure testing services
• Application testing services
• Remote Access Testing
• Social Engineering and DDoS simulation;
• Detailed risk mitigation recommendations set within the context of relevant CESG policy and Good Practice Guides