Skip to end of banner
Go to start of banner

Security Certificates

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Below is a library of our latest security certificates, designed as a single point of reference for our partners and customers, to provide visibility of the security levels we have achieved and when these are valid until.

Certificate

Obtained

Notes

Cyber Essentials

June 23

- due to a planned change in office location at the end of June 24, which involves a period of elapse between the old office and new office being available, we will be renewing our certification once we have moved into our new offices.

Penetration (PEN) Testing - API & Web Application

September 24

- Testing by a 3rd party provider (Daisy) is performed every 6 months to ensure we have an independent review of our software. This is in addition to the internal security scans we perform alongside each of our software releases.

Scope:

Our PEN Tests are performed against both our Web Application and the API element of our dashboard software, testing from both authenticated and unauthenticated perspective.

Results:

  • Only 1 Cycle of Testing needed - meaning no Critical or High priority items were found and needed a resolution before certification was achieved

  • Only 3 Medium and 4 Low priority items were highlighted by the PEN Tester, which are currently being tracked through our Product Backlog for future consideration.

  • Some of these could be considered false/positive results based on how for our application is designed to work

  • No labels

0 Comments

You are not logged in. Any changes you make will be marked as anonymous. You may want to Log In if you already have an account.