Under the Bonnet

Tests are carried out using a solution combining globally preferred cyber security scanning and penetration testing technology with easy-to-use analytics to help you understand your exposure to risk. This is offered exclusivly to Sentria by our UK Partner Cyber Tzar.

The Platform

The platform conducts over 55,000 checks by automating the OWSAP Zap open-source web application security scanner then generates a standardised ‘cybersecurity score’ (out of a possible 1,000) providing a clear indication of the risk impact and risk distribution of technical vulnerabilities found in a given website. 

The Assessments

Risk Distribution and Risk Assessment Matrices are created giving you not only pinpoint accuracy in terms of your site’s cybersecurity position but also demonstrating which of the vulnerabilities discovered are the most serious and therefore in need of the most urgent attention. 

The Vulnerbilities

provided is also a comprehensive list of all vulnerabilities found, what they imply for website security, their exact location within the site together with instructions on how each can be remedied.

Compatable Technology

We work on all web technologies

Aligned Security Frameworks

Web Security Frameworks

Why Regular and Deep-Level Testing?

Un-secure website code can be found by hackers using automated ‘bots’. Identifying and fixing code is the most secure way of ensuring the safety of your business website. Sentria’s breakthrough report and repair pricing brings this within reach of mainstream businesses.

Regular and Deep-Level Testing

Non-intrusive (static code) analysis is used by search engines and other automated internet systems to understand the contents of a website.

This is a first-level and inexpensive cybersecurity approach, allowing highly visible code errors and vulnerabilities to be found and reported quickly.

Penetration Testing

Also known as dynamic code testing, these scans appear to the site as an individual user browsing and completing forms while at the same time searching for vulnerabilities that could allow the site to be compromised.

Static vs Dynamic Static Code Dynamic Code
Non-intrusive (static code) analysis
Non-intrusive (dynamic code) analysis
Included scanning of up to 5 subdomains
SSL certificate health check
Full listing of remediation issues
Risk classification under standard industry frameworks (OWASP, MITRE, NIST)
Risk-based repair prioritisation report
Form code vulnerability report
Client area vulnerability report
Port vulnerability report