Forfend Information Security

Affordable protection, priceless peace of mind
Choose our penetration testing services today

Our Accreditations

Why Choose Us?

Experience and Expertise

All Forfend consultants are highly experienced and qualified penetration testers who hold the highest industry certifications. Experts in a comprehensive portfolio of testing methodologies, we identify system vulnerabilities and offer practical remediation advice, in a manner that is understandable and digestible by everyone from management to developers.

Organisation Accreditations

Forfend hold a range of organisational accreditations that are a testament to our unwavering commitment to excellence and adherence to industry standards, ensuring that our clients receive top-tier services. This includes being an NCSC approved supplier for CHECK penetration testing, an IASME approved certification body for Cyber Essentials and Cyber Essentials Plus, as well as holding an ISO 9001 certification.

Personalised Consultancy Services

We deliver highly personalised, professional consultancy services; the consultant carrying out the engagement will be involved throughout the entire process, from initial scoping to testing, reporting, and responding to questions that may arise once the remediation process is underway.

Experience In A Range Of Industries

Our consultants have experience working in a range of different industries, from central government departments, critical national infrastructure, and councils, to legal, finance and technology sectors. Forfend consultants understand the threats and challenges faced by each industry, and are suited to offer testing types tailored to each sector’s needs.

Services provided

Infrastructure is the core of most organisation’s IT assets, and also one of the potentially largest attack surfaces presented. Infrastructure testing aims to identify any vulnerabilities that would allow an attacker to gain access to sensitive data

Applications are a common method of entry for attackers to gain access to internal corporate data. Ensure your application doesn’t expose any vulnerabilities leaving your data at risk

IT Health Checks review an organisation’s entire IT estate, and is an annual requirement for connecting to the Public Services Network (PSN). Forfend consultants are experienced carrying out ITHCs, as well as knowledgeable about their specific requirements.

With the rapid adoption of cloud services by many organisations, verifying the proper configuration of these services ensures that any data held within is not at risk of compromise

Wireless networks are used by many organisations to provide easy connectivity to corporate networks. These wireless networks however are often prone to attack, allowing an attacker an easy way in to your corporate network

Red team assessments mimic real world attack types, employing the same tools, techniques and procedures used by malicious actors to measure your organisation’s security posture, and identify any weaknesses in your detection and response

Employees are often the weakest link in the chain for any organisation’s security. Test how your employees react to our carefully tailored phishing campaigns to help train your employees how to spot and deal with phishing emails

Networking devices such as firewalls and switches are used to ensure access to sensitive environments is restricted to only allow intended access. The misconfiguration of these devices can allow attackers to access your sensitive data

Whilst all the care can be taken to ensure the security of any corporate assets exposed over the internet, what’s to stop someone just walking into your office? Review your physical security measures to make sure it’s not that easy


We were incredibly pleased with the service that we received from the guys at Forfend. From the outset, they met with us to get a full grasp of what we did as a business and decipher what type of attack we may be most susceptible to. Following the testing, we received a full report of the findings, we also met with the team at Forfend where they fully explained the findings in their report in a way that was clear for us to understand and gave us clear guidance on how to rectify the areas where we were weak. We would highly recommend Forfend for their competency, communication, and professionalism throughout the process.

Client In The Industrial Sector

We were thoroughly impressed with the effort from Forfend. They worked with us to identify the critical areas of the business that needed testing, and highlighted some issues we were unaware of, and demonstrated the potential impact associated with them. Their report was concise and made our lives easy putting in place their recommended fixes.

Client In The Retail Sector

Partnering with Forfend for our penetration testing needs was a game-changer. Their meticulous approach uncovered critical vulnerabilities previous companies hadn’t detected, and their actionable recommendations significantly bolstered our cyber security defenses. Would highly recommend.

Client In The Financial Sector

Drop Us A Message

    11 Brindley Place, Brunswick Square, Birmingham, B1 2LP

    Latest News From Blog

    27. Jul 2023

    From Default Printer Credentials to Domain Administrator

    Devices like printers are implemented into nearly every organisation’s corporate infrastructure, yet often little thought is put into considering the security risks

    11. Feb 2023

    Securing Virtual Private Networks (VPNs)

    Virtual Private Networks (VPNs) have become a critical tool for businesses and organisations to secure their online communications and protect sensitive data as more and more employees adopt remote working in the post-COVID world.

    24. Oct 2022

    Password Policies: A How-To

    A strong password for user, administrative, and service accounts is the first line of defence securing these accounts against compromise. Making sure the organisational password policy is of an adequate nature is an essential step to help protect an …

    24. Oct 2022

    Penetration Testing vs Vulnerability Assessments

    When it comes to cyber security testing, there are two types of testing that are often confused. Penetration testing and vulnerability assessments are two different types of tests …