We are Eploy’s “go-to” for regular penetration testing services and are currently supporting the leading recruitment software company in gaining their ISO27001 certification. Read on to learn how we provide penetration testing for recruitment and SaaS organisations across the UK and globally.

The Challenge

What challenges were you and your team experiencing prior to working with us – what prompted you to seek a solution? Traditionally, Eploy used a large security firm which was more of a transactional relationship, and although there was nothing wrong with the service, we didn’t have a relationship with them or continuity in personnel.

How did you go about searching for penetration testing services? We weren’t looking to change suppliers but were contacted by Evalian who outlined why their service was different. There were a couple of things that stood out, in particular the free re-testing. This had recently become important to us as a business, so prompted us to get in touch with the Evalian team to find out more.

Please describe the reasons you decided to work with us. We were impressed with Evalian’s approach to pen testing and the similarity in company culture to Eploy. The importance placed on a people-based relationship with customers, focus on quality and openness in the approach that Evalian have is the same as Eploy. We decided to give Evalian the opportunity to replace our existing supplier and are very happy that we did.

Had you ever had penetration testing before from another company – did you have any expectations? Our expectation of Evalian was that the testing would be systematic and thorough – which is exactly how it has been.

Solution

How did you find the scoping process – did you understand what it was you needed or did you need some guidance? Eploy is a complex web application with multiple portals, the API and various web interfaces that required testing. The scoping process was clear, and as we’ve developed the relationship and had further testing, Evalian’s knowledge of the Eploy product set has proved invaluable when scoping other projects.

Were there any challenges you found along the way and how did you feel we or your consultant, helped to support you through that? There were some elements of the report post-testing that we had to revisit to fully understand the vulnerability and remedial action needed given the complex nature of cyber security. The pen test report was clear, and the support and advice we got from Keith at Evalian was pragmatic. Lauren was great (and very patient!) at arranging the calls and tests.

 Impact

What has been the most significant achievement for your business facilitated by using our services? We are confident that we have a pen testing partner in Evalian who fully understands Eploy’s products, with mutual respect and trust to provide security advice and testing services.

Please briefly talk us through what other services you’re engaging Evalian for and the reasons behind doing so. Evalian is our go-to provider for pen testing services. We are currently using the services to complete the complex process of obtaining ISO27001 certification. Danny and Ben are pretty much part of the Eploy family now!