Unique strategic partnership involves SureCloud delivering ‘pentesting’ services to Conosco’s clients to strengthen their security postures
Conosco is an IT and security consultancy, with over 15 years’ experience in providing managed IT services to clients across a range of verticals. With a focus on helping clients to gain value and advantage through IT, Conosco provides services that span the full IT lifecycle including strategic advice, project delivery, support and Information Security services.
Conosco CEO, Anders Reeves explained: “Our aim is to always deliver best-of-breed security services to our clients. So, when it came to offering penetration tests, we had no desire to establish our own services. We wanted to differentiate ourselves by working with an independent, highly experienced partner that would truly put clients’ defenses and security awareness to the test, in the same way that an experienced hacker would. This would give our clients extra confidence in their overall cybersecurity posture and enable them to keep their estates fully up-to-date against the latest threats.”
Choosing the right partner
Anders Reeves had worked with SureCloud previously and felt that SureCloud’s penetration testing services were “second to none”, finding faults and vulnerabilities that other testers were not able to. In 2017, as he was establishing Conosco’s security division, he approached SureCloud to offer penetration testing as a partner to Conosco’s clients.
SureCloud would form the team of attackers, to Conosco’s team of defenders. By delivering penetration testing services to Conosco’s clients, SureCloud would augment Conosco’s security offering, identifying vulnerabilities and security risks. Conosco would then help the clients manage and mitigate those risks.
Anders Reeves said: “We feel the advantage of using an independent provider in SureCloud enables the process to be completely objective and transparent. This gives our clients the peace of mind of knowing that their security is being tested and affirmed by genuinely independent, expert testers. In effect, SureCloud is holding our own cybersecurity services to account, giving clients unparalleled openness and honesty, and putting the interests of their business first.”
The solution: SureCloud’s PenTest-as-a-Service
SureCloud’s Pentest-as-a-Service replaces reactive, project-based security testing into a modern subscription service. Unlike traditional annual penetration tests, where output is delivered via a Static PDF document and only provides a snapshot of vulnerabilities at the time of the project, SureCloud’s PenTest-as-a-Service transforms test delivery and remediation management, allowing clients to gain full visibility of their security posture both during testing and continuously following remediation.
The service gives clients access to SureCloud’s team of accredited cyber experts for advanced, in-depth security testing. Clients then access the SureCloud Platform to get complete visibility and oversight of all their testing projects, including historic ones. This gives them the ability to manage remediation, allocate tasks, and trend and track progress via dashboards, making the entire process easy to manage.
As part of its partnership with SureCloud, Conosco has its own exclusive partner portal on the SureCloud platform, in which it can securely access test reports and recommendations for each of its clients. From the SureCloud portal, Conosco and SureCloud can offer clients the most appropriate security services and solutions in response to the findings of each test.
The partnership between Conosco and SureCloud has had an overwhelmingly positive impact, according to Anders Reeves. He said: “Having a secure portal on SureCloud’s platform enables us to deliver seamless interaction between testing and remediation services, with the results of tests and the follow-up status being available centrally. It clearly demonstrates the value of our joint service offering and ensures we are accountable in ensuring the most robust security for our clients’ business. I believe this partnership is truly unique in the UK IT security sector”
In the future, Conosco plans to extend the partnership to include a virtual data protection offering, using SureCloud’s GRC solutions via the SureCloud platform, to augment Conosco’s existing ISO 27001 gap analysis and support services.
Luke Potter, Cybersecurity Practice Director at SureCloud says: “SureCloud looks forward to developing the partnership with Conosco further. Having worked closely on a number of projects already, it’s evident that SureCloud’s PenTest-as-a-Service, hosted on SureCloud’s cloud-based platform, is bringing significant benefits for Conosco’s clients from a remediation management, trend, and vulnerability analysis standpoint.”
Anders Reeves, Chief Executive at Conosco says: “We wanted to differentiate ourselves by working with an external, highly experienced partner that would truly put clients’ defenses and security awareness to the test, in the same way that an experienced hacker would. This gives our clients extra confidence in their overall cybersecurity posture, and enable them to keep their estates fully up-to-date against the latest threats. Working with SureCloud has been absolutely the right move for us. I believe this partnership is unique in UK IT security sector, and our customers very much appreciate the approach of working with a leading external penetration tester that is able to give their security defenses the most thorough examination. It gives them real confidence that we are working together to deliver the best possible protection for their business needs.”