The 4 key elements of a Cyber Essentials Plus test can be described briefly below:
External Vulnerability Scan
- We scan your external IP addresses (internet facing) and perform a vulnerability assessment.
- Goal – to ensure no High or Critical vulnerabilities present on end devices where a patch is available and has been for more than 14 days.
Internal Vulnerability Assessment (patch audit)
- We scan a “sample” of devices on your network, including desktops/laptops, some types of servers, mobile phones.
- Goal – to confirm patching/configuration is Cyber Essentials complaint across the devices.
Browser/Email Malware protection test
- We test your all browsers/email clients on the chosen sample set against a standardised set of mock malicious files
- Goal – to confirm all devices from the sample protect the end user suffeciantly against malicious files.
- We confirm on all devices from the sample range are equipped with correctly configured and up to date Anti-malware software.
End User Device Compliance Audit