Virtual Cabinet has committed to delivering continuous improvement and continual security testing as part of its service. The business sectors Virtual Cabinet operates in, process a great deal of highly sensitive data, and so ensuring absolute security, and ongoing responsiveness to emerging cyber threats and vulnerabilities, is critical. As such, the firm works with third-party penetration testers to ensure an independent, consultative approach to testing its software and portal. The incumbent provider was taking a very scripted approach, whereby Virtual Cabinet sought a stronger hacking mentality and an ability to test its systems in a more exploratory and creative way.
SureCloud’s CREST accreditation, exemplary testing skills and experience and strong track record were key factors in the decision, as well as its hacking mentality and willingness to ‘test to break’ – that is, to push Virtual Cabinet’s software as far as possible and seek out potential vulnerabilities away from a rigid checklist of tests. The project began with a scoping call with SureCloud’s testers, reviewing the Virtual Cabinet product and developing a truly bespoke approach to testing it. From there, SureCloud conducted an array of tests, including mobile application testing, web application testing and API security testing, all tailored to the precise nuances of Virtual Cabinet. SureCloud provides Virtual Cabinet access to their Vulnerability Management solution from the commencement of testing. This immediately enables live access to test findings, improved internal reporting and more effective remediation strategies.