CREST Accredited Penetration Testing

Penetration Testing

Penetration testing for SaMD (Software as a Medical Device), medical devices, business systems, digital health and more. CREST accredited and bespoke to the standards that you need to meet.

CREST Penetration Testing

Ensuring Digital Health Security through Penetration Testing

Our Penetration testing is customisable to fit the specific needs and requirements for digital health organisations, which makes it a valuable tool to identify and mitigate vulnerabilities in your computer systems, networks, and web applications.

Leading Testers

Our penetration testing services provide comprehensive assessments for business, digital health and medical devices to identify and address potential security risks.

Tailored Solutions

We offer customised penetration testing solutions to meet the unique needs of digital health organisations. We meet standards such as FDA, EUMDR and more.

Pen-testing

Ensuring the Safety of Your Digital Health Solution

Planning Process

Our expert team carefully plans the penetration testing process to identify vulnerabilities. We will book an initial call to understand your system in more detail and agree the scope.

Execution Phase

We execute comprehensive penetration tests to exploit vulnerabilities and assess their impact. During this phase we provide added value by meeting standards such as FDA, EUMDR, 81001-5-1, MDCG 2021-5 Rev.1

Reporting and Recommendations

We provide detailed reports and recommendations to help you strengthen your digital health security. You will have a follow up call with the consultant who will run through the findings, in an understandable way.

Continuous Improvement

We can work with you to implement security measures and ensure ongoing protection for your medical device, digital health solution or business systems. An added bonus is for medical devices, we will provide your vulnerabilities in a hazard format too, conforming with the EUMDR , IEC 62304 and many other standards.

Penetration Testing Solutions

We offer various types of Penetration Testing services, including Network Penetration Testing, Web Application Penetration Testing, and Mobile Application Penetration Testing.

What is Medical Device Security Testing?

Medical device security testing can be done in many ways, either part of your development lifecycle in line with IEC62304, or through a traditional penetration test. The challenge with generic penetration testing is that it may not cover all of the aspects that you would expect to see for your medical device. For example, integrity is a big part of medical device security and penetration tests often miss this as they focus on the OWASP top 10 only. We perform our penetration tests in line with medical device security standards such as IEC TR 60601-4-5:2021

What is Web Application Penetration Testing?

Web Application Penetration Testing is the process of evaluating the security of a web application by identifying vulnerabilities that could be exploited by attackers. It helps ensure that the application is secure against potential threats.

What is Mobile Application Penetration Testing?

Mobile Application Penetration Testing involves assessing the security of mobile applications to identify vulnerabilities that could be exploited by attackers. It helps ensure that the application is secure and protects user data.

What are the benefits?

Penetration Testing helps identify potential vulnerabilities in your digital infrastructure, allowing you to proactively address them before they can be exploited by attackers. It helps protect your sensitive data and ensures the security of your systems.

What penetration test do I need for my medical device?

The type of penetration test you need depends on the specific device, its connectivity, and the potential risks it faces. At Periculo, we offer tailored assessments based on factors such as network interfaces, data sensitivity, and regulatory requirements. Common tests include wireless, software, and hardware security evaluations. Our experts will work with you to determine the most appropriate test to safeguard your medical device against potential threats and ensure compliance with industry standards.

How long does Penetration Testing take?

The duration of Penetration Testing depends on the scope and complexity of the project. It can range from a few days to several weeks. Our team will work closely with you to determine the appropriate timeframe for your specific requirements.

What deliverables can I expect?

After completing the Penetration Testing, you will receive a comprehensive report detailing the vulnerabilities identified, along with recommendations for remediation. Our team will also provide ongoing support to help you address any security issues. For medical device security testing, we will provide you with a table of hazards considering standards and requirements that you choose, for example; IEC TR 60601-4-5:2021, EUMDR , IEC 62304 and MDCG 2021-5 Rev.1

What are the costs?

The cost of Penetration Testing varies depending on the scope and complexity of the project. We offer competitive pricing tailored to your specific requirements. Contact us for a detailed quote.

What is penetration testing for medical devices?

Penetration testing for medical devices involves assessing the security of connected medical equipment to identify potential vulnerabilities that could be exploited by cyberattacks. At Periculo, we simulate real-world threats to ensure that your devices are resilient to breaches, protecting patient data and the integrity of your systems. This is crucial for maintaining both compliance and patient safety in healthcare environments.

Do you perform Physical Penetration Testing?

Yes, We can conduct physical penetration testing. We simulate real-world intrusions to identify vulnerabilities in your physical defences, such as access controls and surveillance. Our detailed assessments help you strengthen your security measures and protect against unauthorised access.

How can I get started?

To get started with our Penetration Testing services, simply contact us to discuss your requirements. Our team will guide you through the process and provide you with a tailored solution to meet your security needs.

Still have questions?

Have a call with our founder or one of our experts to put together a free action plan.

Joy App Logo
"Periculo's guidance in achieving Cyber Essentials certification significantly bolstered our security posture."

Patrick Harding

CEO, Joy

Expert Penetration Testing Services

Protect your digital health with our expert Penetration Testing services.