Security Health Check

How long would it take a hacker to access your sensitive information or sabotage your mission-critical systems? How well could you withstand a sustained cyber attack? What damage could a system compromise cause to your operations, regulatory compliance and reputation?

QinetiQ’s Security Health Check service helps customers in government, law enforcement, defence and industry answer these questions and more, by subjecting their systems, applications and networks to determined penetration testing – expertly simulating both external and internal attacks. We use the same tools and techniques as the most highly skilled adversary.

It’s a proactive process that leads to a detailed understanding of an organisation’s risk, vulnerabilities and exposure to potential hackers – a foundation for:

  • Reducing business and reputational risk by eliminating weaknesses
  • Preventing data loss, for instance through the theft of IP (Intellectual Property) or customer data
  • Improving security posture, and demonstrating compliance with regulatory requirements
  • Increasing customer confidence and building credibility.

CREST and CHECK approved

QinetiQ’s Security Health Check team is approved by the CREST and CESG CHECK certification schemes.

Tailored to the customer

All the tests we undertake are tailored to a customer’s specific requirements, take into account the risk profiles of the system and the organisation, and are scoped to provide the best value. A QinetiQ Security Health Check could include:

Infrastructure testing to ensure servers, security devices and network components are built and secured in line with best practice.

Application testing to assess the threat from authenticated and unauthenticated attackers.

Wireless network testing to assess whether your Wi-Fi networks or laptops can be accessed by external attackers.

VoIP system testing that determines how vulnerable the phone system is.

On-host auditing to assess the security posture of a particular host, whether a standard build desktop, server or infrastructure component.

Product assessments of existing and new hardware/software solutions.

We then generate clear, concise and timely reports that prioritise areas of technical risk and present them in an easily understandable and actionable format.

Proven Track Record

QinetiQ’s track record in the penetration testing area is second to none. We carried out our first penetration test in 1994, and have the UK’s longest established pentest team, formed in 1996. We continually conduct pentests for a wide range of clients, keeping us up-to-date with all the latest threats and vulnerabilities.

Strictly Confidential

All QinetiQ Security Health Check assessments are conducted in the strictest confidence. All testing is conducted by staff with official UK security clearances up to SECRET level or above. QinetiQ Security Health Check never discloses the identity of its customers.


Man using laptop