Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

PENTEST Pass Certificate_WebApp_Jan24.pdf

- Testing was conducted by our 3rd party PEN Testers (Daisy), and occurs every 6 months to ensure we have an independent review of our software. This is in addition to the internal security scans we perform alongside each of our software releases, which are underpinned by regular Technical Debt upgrades to our 3rd Party libraries and frameworks.

Scope:

Our PEN Tests were performed against both our Web Application and the API element of our dashboard software, testing from both an authenticated and unauthenticated perspective.

Results:

  • Only 1 Cycle of Testing was required - meaning no Critical or High priority items were found and needed a resolution before certification was provided

  • Only 2 Medium and 4 Low priority items were highlighted by the PEN Tester, which are currently being tracked through our Product Backlog for future consideration

  • Some of the item's highlight could be considered false/positive results, based on how our application is designed to function - and therefore may not be addressed

Certificate

Obtained

Notes

Cyber Essentials

June 23

View file
nameCyber Essentials Pass Certificate - June 23 (1).pdf

- due to a planned change in office location at the end of June 24, which involved involves a period of elapse between the old office and new office being available, we will be renewing our certification once we have moved into our new offices - likely to be in early 2025.

Penetration (PEN) Testing - API & Web Application

Feb September 24

View file
namePENTEST Pass Certificate_API_Jan24Panintelligence-PenTest-Cert.pdf

Penetration Testing - Web Application

Feb 24

View file
name