What is involved in a Plus Assessment?

The 4 key elements of a Cyber Essentials Plus test can be described briefly below:
External Vulnerability Scan

  • We scan your external IP addresses (internet facing) and perform a vulnerability assessment.
  • Goal – to ensure no High or Critical vulnerabilities present on end devices where a patch is available and has been for more than 14 days.

Internal Vulnerability Assessment (patch audit)

  • We scan a “sample” of devices on your network, including desktops/laptops, some types of servers, mobile phones.
  • Goal – to confirm patching/configuration is Cyber Essentials complaint across the devices.

Browser/Email Malware protection test

  • We test your all browsers/email clients on the chosen sample set against a standardised set of mock malicious files
  • Goal – to confirm all devices from the sample protect the end user suffeciantly against malicious files.
  • We confirm on all devices from the sample range are equipped with correctly configured and up to date Anti-malware software.

End User Device Compliance Audit