Prism Services

Annual, project-based penetration testing is no longer sufficient to provide businesses with the assurances they need.

Our Prism Services have been developed as a way to provide your organisation with a continuous, real-time security strategy, offering greater protection against cyber threats.

Fast, unified security and compliance

Minimise network impact, optimise security, and unify reporting through a single assessment for vulnerabilities, configurations, controls and policy checks.

Access the mindset of an attacker

Our intelligence-gathering expert scanning system emulates the tactics, techniques and procedures (TTPs) and indicators of compromise (IoCs) used by hackers.

Threat-driven prioritisation

Our services offer accurate insight into the most critical vulnerabilities by leveraging threat intelligence such as TTPs, IoCs, malware and exploit exposure – including both CVSS v2 and v3.

Effective Risk Management

Allowing you to focus on the highest risks that matter to your business through asset classification, risk prioritisation and remediation.

Remediation planning

Driving effective risk reduction by communicating the most concise, actionable and clear step-by-step instructions to enable IT teams and to quickly remediate risk.

Remote flexible penetration testing

A Rootshell hardened security appliance can be used by our analysts and consultants to conduct full internal assessments as though they were on site.

Download the Prism Services Datasheet

Learn how Prism Services can maximise the effective use of budgets

Managed Vulnerability Scanning (MVS)

Our end-to-end vulnerability scanning service will provide your organisation with continuous visibility of security vulnerabilities across your key assets, allowing your security personnel to focus on other duties.

  • Our expert security consultants work with your organisation to identify and prioritise key assets.

  • Rootshell SOC analysts and security consultants are on hand to work with your organisation to discuss results in detail.

Penetration Testing

Our expert cyber security team are trusted by some of the world’s largest private and public-sector organisations. We simulate real world attacks on your network, applications or systems, utilising both established and emerging malicious threat actor techniques to identify vulnerabilities and weaknesses.

  • Clear recommendations from our expert consultants on how to remediate against reported vulnerabilities.

  • Free remote retesting once remediation has been completed. We believe in the actionable quality of our advice and insights

Cyber Threat Intelligence (CTI)

Organisations are often targeted by malicious threat actors, such as cyber criminals, nation-state actors and hacktivists. Cyber criminals utilise a variety of techniques to target organisations and their users. With our CyberCare services, Rootshell can monitor and alert on threat events within the public domain that may indicate a potential attack. Services include:

  • Typo Squatting Detection: Rootshell Security can identify registration of suspicious domains indicating that a threat source is registering similar domains to that of your website, helping you to protect your organisation.

  • Blacklist Detection: Your infrastructure appearing on bad-reputation lists (aka ‘blacklists’) associated with malicious behaviour may indicate a range of potential concerns such as infected or compromised corporate endpoints.

  • Compromised Account Detection: Timely knowledge of any compromised account credentials allows you to take action by disabling the account or changing the password.

Phishing Assessments

A doppelganger domain is designed to trick users by mimicking a legitimate fully qualified domain name. Typo squatting (also known as cybersquatting) is defined as registering or using internet domain names in bad faith to profit from someone else’s trademark, and can target both major organisations and small businesses.

  • Continuous updates of automated investigation into possible permutations of your domain name.

  • Shows those registered with ‘A’ records (IP addresses) and ‘MX records’ (mail addresses) for the domain.

Cyber Essentials Certification

Cyber Essentials is an effective Government-backed scheme that will help you to protect your organisation, whatever its size, against a wide range of the most common cyber attacks.

Rootshell Security is an assessor and include an annual assessment as part of our CyberCare service – helping your organisation become Cyber Essentials certified.