Cyber Security

Penetration Testing

A real-world simulated attack that shows exactly how an intruder could get into your network — carried out on a CREST-approved platform, with a full technical report and a plain-English summary for your board or trustees.

Get a quote

Overview

See your defences through an attacker’s eyes

A penetration test goes beyond automated scanning: our testers actively attempt to breach your systems the way a real attacker would — chaining together weaknesses to see how far they could get. You get a clear picture of your true exposure, ranked by risk, with practical steps to close every gap. Ideal ahead of Cyber Essentials Plus, for compliance evidence, cyber insurance, or simply peace of mind.

Scope

External and internal testing

External network

We test your internet-facing systems — firewalls, VPNs, web applications and public IPs — to find what an outside attacker could exploit.

Internal network

We simulate an attacker who is already inside — a phished user or rogue device — to see how far they could move across your network.

What’s included

A test you can act on

External & internal network penetration testing
CREST-approved platform and proven methodology
Executive summary for your board or trustees
Full technical findings report with evidence
Prioritised remediation plan — what to fix first
Free re-test of critical findings once fixed

Pricing

Priced by the size of your network

Testing is priced annually by the number of live IP addresses in scope, and paid as a simple monthly amount.

External networkAnnualPer month
Up to 5 IPs£1,950£162.50
Up to 10 IPs£2,800£233.33
Up to 25 IPs£3,400£283.33
Up to 50 IPs£4,200£350.00

Internal network testing is scoped by device count and quoted on request. Prices are a guide, correct at the time of publication (July 2026), exclude VAT and are subject to change.

Better together

Part of the Cyber Resilience Programme

A pen test is a point-in-time check — resilience is continuous.

Penetration testing pinpoints how an attacker could break in today. Combined with continuous vulnerability management, our 24/7 SOC monitoring and security awareness training, it becomes part of an ongoing cycle of finding, fixing and validating. Most clients include testing within their wider Cyber Resilience Programme.

CRESTApproved testing platform
24/7SOC monitoring
CE PlusCyber Essentials Plus certified
130+Organisations protected

Find out how an attacker would get in

Get a scoped penetration testing quote for your network — no obligation.

Get a quote