Call +44 3333 444 256
Hedgehog Security, a CREST member company, strives to deliver the best cyber security to our clients through our research driven innovative services.
At Hedgehog Security we believe every business has the right to a safer connected world. Our mission is to deliver that.
Honesty | Integrity | Excellence
Our Penetration Testing team are on hand to carry out all aspects of pen testing from single web and mobile applications, through infrastructure and SCADA testing all the way to Red Team engagements. Our business is fully CREST registered and we have CREST CRT and TIGER qualified penetration testers available to work on any penetration testing needs you have. >> READ MORE
Being the first ever company to offer a vCISO service (Virtual Chief Information Security Officer), we have often been copied but never surpassed. Our team of CISOs are here 24×7 to assist in everything from writing policies to implementing full ISO27001 programs. Our team are also available to step into your business for short, medium and long term to bridge any skills shortages or to run your Information Security Office. >> READ MORE
Secure is our one stop shop for small businesses. Designed from the ground up for the small business. All you need is your domain name as a starting point. We will monitor and develop your Cyber Security strategy and program around your business without you needed the specialist security skill. >> READ MORE
Whether you simply need access to the audit portal because you have it all in hand already or you need your company hand holding through the entire Cyber Essentials journey, we are here. We have a dedicated team of highly skilled specialists to help with every aspect from advice, to implementation and audit. >> READ MORE
Hedgehog Security has over 10 years of experience at the forefront of cyber security. Our penetration testing team has worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our penetration tests leverage deep knowledge of attacker’s behaviours and methods. We use the same tools, tactics and procedures (TTPs). Every test is custom built to every client’s needs and requirements. We assess specific aspects of the security program and the state of security of systems, networks and applications within the scope.
We set modern, realistic goals for our talented penetration testers to attempt to achieve. These are the same goals that actual attackers would have in place to justify their time and investment in their attacks.
The Hedgehog consulting teams activities are custom built to every client’s needs and requirements. We will assess your requirements and our senior CISO’s will design the perfect solution for your business.
New for 2020 is our Cyber Security School. All online and at a price point that all can approve, we have courses available such as:
Ever wanted to pass the ISO27001 audit with zero stress? Hedgehog Security has the answer. We believe that the standard is a base grounding of security for all businesses and our audit preparation service, while a tough six week process in itself, sets you up for success.
There are times when you just need some assistance, either by the day or even by the hour. Hedgehog Security was one of the first firms to offer per hour CISO time, providing you with highly cost effective support and advice, for just when you need it.
Originally called vCISO, our CCA service provides you with a complete Information Security function for your business. Led by one of Hedgehog Security’s CISO team, you have at your disposal an Information Security Officer and a team of technical gurus.
Hedgehog Security has been delivering Cyber Essentials gap analysis, preparation, implementation and audit services since the inception of the standard. With over 2000 success audits behind us, we are perfectly placed to help any business achieve the UK Governments base level of Cyber Security.
We have over 10 years of experience at the forefront of cyber security. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice are here to carry out all manner of Cyber Essentials services for your business.
Cyber Essentials is the Government-backed, industry supported foundation for basic cyber security hygiene. The Scheme has been carefully designed to guide organisations of any size in protecting themselves against cyber threats. You can read more about the governments scheme here.
[secure] was built with the business owner, not the IT professional, in mind. [secure] helps all businesses achieve a base level of cyber security and frees them up to run their business.
[secure] was built with the business owner, not the IT professional, in mind. [secure] helps all businesses achieve a base level of cyber security and frees them up to run their business.
Secure GI is a 12-month subscription service available in basic and plus levels. The basic level looks at your public facing services. The Plus level looks inside too, and addressees Cyber Essentials and Cyber Essentials Plus certifications from the UK Government.
The system is simple and practical to use regardless of your technical abilities; and at the base level all you need to know to get up and running are three things:
You should by now know that the rules are changing on General Data Protection Regulation (GDPR) to protect the data of EU citizens, but are you ready?
Over the past few days, you will have heard of the new vulnerabilities affecting Intel and AMD processes, but what does it really mean?
With 2018 just days old it’s time to reflect on what proved to be another busy year in the world of cybersecurity.
New research by Apricorn, into USB use, found that 80% of workers use non-encrypted USB drives on their work computers, which got us thinking about the potential dangers that could be lurking in your office every day.
2017 has been quite a year for hacking headlines and data breaches and it seems that despite all the warnings and advice some people, who really should know better, are still putting themselves and others at risk.
It seems that every day there’s another story about a data breach, with innocent people the world over having their personal information released online – so would you know what to do if you were a victim?
Security researchers have discovered that a piece of malware named after the Star Wars character Chewbacca has been used to steal payment card and personal information 49,000 payment cards stored by 45 retailers in 11 countries.
Peter demonstrates how to gain access to a domain joined PC and then spawn a reverse shell back to our command and control system.
Throughout 2017 I kept a note of all the passwords encountered across 71 onsite penetration tests I was engaged on or peer-reviewed. From all the passwords, two were extremely memorable:
Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.
We have recently had questions on Penetration Testing scope generation, how to complete a risk register for ISO27001 and how to harden the Apache webserver.
@BBCNews reported @ScottishEPA has been subject to a #ransomware attack since Christmas Eve. Always back up your systems and ensure #CyberSecurity software is up to date! Let us keep your business safe - get in touch: https://t.co/TN7iCiyOEB
Read More
#CyberSurvivalTip Delete online accounts you havent used in the past 6 months. #h2sec
Read MoreHeard the story about the man with just 2 #password guesses left before he loses access to $220m worth of #Bitcoin? Don't be that guy! Use a password manager like @Bitwarden to ensure your passwords are safe & #secure. Check out our blog for more info: https://t.co/fWUX59WRRM
Read More
© 2009 – 2021 Hedgehog Cyber Security. All Rights Reserved.
Supporting the EFF | Spam Protection supplied by MX Guarddog
