Call +44 3333 444 256
Hedgehog Security, a CREST member company, strives to deliver the best cyber security to our clients through our research driven innovative services.
At Hedgehog Security we believe every business has the right to a safer connected world. Our mission is to deliver that.
Honesty | Integrity | Excellence
Our Penetration Testing team are on hand to carry out all aspects of pen testing from single web and mobile applications, through infrastructure and SCADA testing all the way to Red Team engagements. Our business is fully CREST registered and we have CREST CRT and TIGER qualified penetration testers available to work on any penetration testing needs you have. >> READ MORE
Being the first ever company to offer a vCISO service (Virtual Chief Information Security Officer), we have often been copied but never surpassed. Our team of CISOs are here 24×7 to assist in everything from writing policies to implementing full ISO27001 programs. Our team are also available to step into your business for short, medium and long term to bridge any skills shortages or to run your Information Security Office. >> READ MORE
Secure is our one stop shop for small businesses. Designed from the ground up for the small business. All you need is your domain name as a starting point. We will monitor and develop your Cyber Security strategy and program around your business without you needed the specialist security skill. >> READ MORE
Whether you simply need access to the audit portal because you have it all in hand already or you need your company hand holding through the entire Cyber Essentials journey, we are here. We have a dedicated team of highly skilled specialists to help with every aspect from advice, to implementation and audit. >> READ MORE
Hedgehog Security has over 10 years of experience at the forefront of cyber security. Our penetration testing team has worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our penetration tests leverage deep knowledge of attacker’s behaviours and methods. We use the same tools, tactics and procedures (TTPs). Every test is custom built to every client’s needs and requirements. We assess specific aspects of the security program and the state of security of systems, networks and applications within the scope.
We set modern, realistic goals for our talented penetration testers to attempt to achieve. These are the same goals that actual attackers would have in place to justify their time and investment in their attacks.
The Hedgehog consulting teams activities are custom built to every client’s needs and requirements. We will assess your requirements and our senior CISO’s will design the perfect solution for your business.
New for 2020 is our Cyber Security School. All online and at a price point that all can approve, we have courses available such as:
Ever wanted to pass the ISO27001 audit with zero stress? Hedgehog Security has the answer. We believe that the standard is a base grounding of security for all businesses and our audit preparation service, while a tough six week process in itself, sets you up for success.
There are times when you just need some assistance, either by the day or even by the hour. Hedgehog Security was one of the first firms to offer per hour CISO time, providing you with highly cost effective support and advice, for just when you need it.
Originally called vCISO, our CCA service provides you with a complete Information Security function for your business. Led by one of Hedgehog Security’s CISO team, you have at you disposal an Information Security Officer and a team of technical gurus.
Hedgehog Security has been delivering Cyber Essentials gap analysis, preparation, implementation and audit services since the inception of the standard. With over 2000 success audits behind us, we are perfectly placed to help any business achieve the UK Governments base level of Cyber Security.
We have over 10 years of experience at the forefront of cyber security. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice are here to carry out all manner of Cyber Essentials services for your business.
Cyber Essentials is the Government-backed, industry supported foundation for basic cyber security hygiene. The Scheme has been carefully designed to guide organisations of any size in protecting themselves against cyber threats. You can read more about the governments scheme here.
[secure] was built with the business owner, not the IT professional, in mind. [secure] helps all businesses achieve a base level of cyber security and frees them up to run their business.
[secure] was built with the business owner, not the IT professional, in mind. [secure] helps all businesses achieve a base level of cyber security and frees them up to run their business.
Secure GI is a 12-month subscription service available in basic and plus levels. The basic level looks at your public facing services. The Plus level looks inside too, and addressees Cyber Essentials and Cyber Essentials Plus certifications from the UK Government.
The system is simple and practical to use regardless of your technical abilities; and at the base level all you need to know to get up and running are three things:
In 2009, back when I was the Chief Information Security Officer for Gala Coral Group, I wrote that one of the hot topics for many Chief Information Security Officers was reducing the potential for Data Loss.
Introduction PHP 7, which was released on December 3, 2015, promises substantial speed improvements over previous versions of the language, along with new features like
We are living in interesting times as far as information security is concerned. Does it not seem that every few months a large multinational or well established British brand/individual appear to have been the victims of hackers?
The Payment Card Industry Data Security Standard, commonly shortened to PCI-DSS, was introduced to provide a minimum degree of security when it comes to handling customer card information. While the standard has been around for over a decade, specific requirements surrounding the penetration testing have only recently been officially incorporated into the process.
Nessus Summary Nessus Plugin ID: 42873 CVSS v3.0 Base Score: 5.3 Nessus Description: The remote host supports the use of SSL ciphers that offer medium
Nessus Summary Nessus Plugin ID: 66848 CVSS v3.0 Base Score: 5.3 Nessus Description: The remote host supports the use of SSL ciphers that offer no
Nessus Summary Nessus ID: 26928 CVSS v3.0 Base Score: 5.3 Nessus Description: The remote host supports the use of SSL ciphers that offer weak encryption.Note:
Nessus Summary Nessus ID: 65821 CVSS v3.0 Base Score: 2.6 Nessus Description: The remote host supports the use of RC4 in one or more cipher
Nessus Summary Nessus ID: 69551 CVSS v3.0 Base Score: 1.4 Nessus Description At least one of the X.509 certificates sent by the remote host has
Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.
We have recently had questions on Penetration Testing scope generation, how to complete a risk register for ISO27001 and how to harden the Apache webserver.
According several reports this week; the credentials of accounts have been leaked. 👨💻 *use one strong password unique to each gaming account *turn on two-factor authentication *keep software up to date *Only use official sources or stores to make online gaming purchases https://t.co/YpgxuK0Y9d
Read More
And thats just the ones that have been reported! 🤯 Scammers are increasingly using the Corona pandemic as an opportunity to cause as much damage as possible. 👩💻 Contact our Cyber Consultancy page for all of your queries and how to stay secure; 👨💻 https://t.co/VMhncDVlY4
Read More
Here are our top tips on how to protect yourself whilst working remotely; *KEEP YOUR DEVICES UPDATED *SECURE ALL ACCOUNTS WITH STRONG PASSWORDS *ONLY USE APPROVED SOFTWARE *SWITCH ON YOUR FIREWALL *BACK UP IMPORTANT DATA *KEEP PERSONAL AND WORK ACCOUNTS SEPARATE Be secure!🔐 https://t.co/TMt1bJRMzL
Read More
© 2009 – 2020 Hedgehog Cyber Security. All Rights Reserved.
