Salus Logo
Penetration Testing

CHECK Penetration Testing (ITHC)

CHECK was developed for government departments, public sector bodies, and the organisations forming the UK’s critical national infrastructure (CNI) to gain external, independent assurance; however, many private sectors within these supply chains elect to perform CHECK testing to demonstrate adherence to good practices and meet contractual obligations.

CHECK is the scheme under which NCSC-approved companies can conduct authorised penetration tests of public sector and CNI systems and networks. Companies providing CHECK services use staff with NCSC-approved qualifications and suitable experience.

A CHECK ITHC should ensure that your organisation’s scoped assessment has a realistic threat scenario and should not just be considered a box-ticking exercise. Adding this threat modelling helps you design testing with outcomes that will help prove whether your scoped element is vulnerable to the threats you identified. A good example is on air-gapped networks; many organisations request a simple penetration test, whereas scoping the ITHC as a malicious insider or rogue administrator scenario can prove far more helpful in identifying risks and attack vectors that may be unknown.

Penetration tests will be conducted using NCSC-recognised methods. The subsequent report and its recommendations are meticulously crafted to a recognised standard. They are reviewed by the NCSC, ensuring the highest level of quality.

CHECK Penetration Testing (ITHC) Services

Salus CHECK Green Light Service

Our Approach

Whatever you're protecting, we apply defence grade cyber security skills whilst taking into consideration the realities of day-to-day business operations. We help our customers to address their known - and their unknown - cyber risks.

Here to Help
Tell Us Your Priorities!

Related Services