Cybersecurity and Governance, Risk and Compliance vendor SureCloud has been selected to perform penetration testing services for customers of IT and security consultancy Conosco. With the aim to give clients extra confidence in their overall cybersecurity posture and enable them to keep their estates fully up-to-date against the latest threats, Conosco wanted to differentiate themselves by working with an independent, highly experienced partner that would truly put clients’ defenses and security awareness to the test, in the same way that an experienced hacker would.
Conosco CEO, Anders Reeves had worked with SureCloud previously and felt that SureCloud’s penetration testing services were “second to none”, finding faults and vulnerabilities that other testers were not able to. In 2017, as he was establishing Conosco’s security division, he approached SureCloud to offer penetration testing as a partner to Conosco’s clients.
SureCloud would form the team of attackers, to Conosco’s team of defenders. By delivering penetration testing services to Conosco’s clients, SureCloud would augment Conosco’s security offering, identifying vulnerabilities and security risks. Conosco would then help the clients manage and mitigate those risks.
SureCloud’s Pentest-as-a-Service replaces reactive, project-based security testing into a modern subscription service. Unlike traditional annual penetration tests, where output is delivered via a Static PDF document and only provides a snapshot of vulnerabilities at the time of the project, SureCloud’s PenTest-as-a-Service transforms test delivery and remediation management, allowing clients to gain full visibility of their security posture both during testing and continuously following remediation.
The service gives clients access to SureCloud’s team of accredited cyber experts for advanced, in-depth security testing. Clients then access the SureCloud Platform to get complete visibility and oversight of all their testing projects, including historic ones. This gives them the ability to manage remediation, allocate tasks, and trend and track progress via dashboards, making the entire process easy to manage.
As part of its partnership with SureCloud, Conosco has its own exclusive partner portal on the SureCloud platform, in which it can securely access test reports and recommendations for each of its clients. From the SureCloud portal, Conosco and SureCloud can offer clients the most appropriate security services and solutions in response to the findings of each test.
Anders Reeves, Chief Executive at Conosco said:
“Working with SureCloud has been absolutely the right move for us. I believe this partnership is unique in UK IT security sector, and our customers very much appreciate the approach of working with a leading external penetration tester that is able to give their security defenses the most thorough examination. It gives them real confidence that we are working together to deliver the best possible protection for their business needs.”
Luke Potter, Cybersecurity Practice Director at SureCloud has said:
“SureCloud looks forward to developing the partnership with Conosco further. Having worked closely on a number of projects already, it’s evident that SureCloud’s PenTest-as-a-Service, hosted on SureCloud’s cloud-based platform, is bringing significant benefits for Conosco’s clients from a remediation management, trend, and vulnerability analysis standpoint.”
In the future, Conosco plans to extend the partnership to include a virtual data protection offering, using SureCloud’s GRC solutions via the SureCloud platform, to augment Conosco’s existing ISO 27001 gap analysis and support services.