Cognisys is a UK-based security consultancy, specialising in security assurance / penetration testing, as well as managed services, cybersecurity consulting and compliance standards. Based in Yorkshire, Cognisys prides itself on being a company with strong values and a down-to-earth approach to customer service. We work with clients from start-ups through to multi-national corporations and our mission remains the same with each customer - to improve the cybersecurity posture of every company we work with.
Compliance
We provide services to help clients meet key standards including Cyber Essentials, Cyber Essentials Plus, IASME Gold Governance, ISO 27001 and PCI-DSS regulations. Using a consultative approach, we aim to support businesses in identifying areas of non-compliance and providing remediation advice to help them meet the required standards.
ISO27001, Cyber Essentials Plus and IASME Gold are all badges that we’ve earned over the years. They’re important, not just to improve the security posture of your company but to show your supply chain that you take information security seriously. They’re also a pre-requisite for many tenders too.
Cybersecurity Consulting
Our excellent team of consultants are on hand to provide cybersecurity reviews to help you identify and recognise threats, vulnerabilities and weaknesses within your organisation. Using an audit-based gap analysis, we find out where you are falling short of best practice and once we've understood that, we can use our consultant-led approach to build a plan for bringing you up to standard and moving your organisation along the cyber security maturity curve.
Penetration Testing
Cognisys offer a suite of penetration testing, or security assurance testing, services, including: Web Application, Mobile Application, External and Internal Infrastructure, and Wireless tests. If there's a way in to your environment, we'll find it and then we'll help you close your security gaps to improve your organisational security posture.
We provide a detailed scoping document meaning the targets we aim for are the ones you want evaluating, and ensures that our pricing remains fair and in line with our fairness policy. Our methodology has been audited and approved by CREST. From the minute we onboard you and our detailed processes kick in, you’ll feel like you are in safe hands. All our tests include a consultant-driven wash-up call to examine and explain our findings as well!
Social Engineering
Cognisys can perform simulated phishing attacks, to determine the susceptibility of your organisation to this type of cyber assault. Working with you to devise a range of phishing scenarios, we will build a series of personalised, targeted and relevant emails. Typically the emails invite recipients to take certain actions that will result in them giving away sensitive information, such as usernames and passwords.
All responses, actions and information are intercepted and assessed, whilst redirecting users to landing pages or delivering convincing error messages to prevent suspicion. Any opportunities for potential exposure are presented in a format that allows an organisation to determine the security awareness of its employees.