YOUR PATH TO CYBER RESILIENCE

CREST STAR PENETRATION TESTING SERVICES

GOVERNANCE, RISK MANAGEMENT & COMPLIANCE

CLOUD SECURITY SERVICES

PAYMENT CARD INDUSTRY SERVICES

CAA AVIATION SECURITY SERVICES

OFFERING THE FULL SPECTRUM
OF CYBER SECURITY SERVICES


Cyber Security Specialists based in the UK

Established in 2006 and with offices in Cheltenham and Liverpool (UK), Prism Infosec provides comprehensive information security services to organisations based in the UK and overseas.

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor Company employing consultants with a high standard of technical skill. Whether delivering advice on cutting edge information security architectural solutions, conducting management controls audits, or in-depth technical penetration testing our consultants always deliver a quality end-to-end service.

Prism Infosec operates a fully certified (UKAS accredited) ISO27001:2013 Information Security Management System (ISMS) and ISO9001:2015 Quality  Management System (QMS).

Prism Infosec’s innovative approach to the delivery of PCI projects and technical security testing was recognised with a PCI Award for Technical Excellence in January 2020. The award was presented for the delivery of a client project that was considered by the review panel to be an outstanding example of best practice.

our cyber security services

Delivering a range of testing and consulting services to our clients for over a decade, Prism Infosec works with a global client base to provide high quality solutions and pragmatic recommendations to effectively manage cyber risk.

Cyber Security Assessments

Test your information security controls and ascertain weaknesses and vulnerabilities

GRC and Information Security Consulting

Engage a Prism Infosec security consultant to help manage your cyber security risks.

Cloud Security

Manage the risks associated with procuring, migrating or delivering cloud services.

LATEST NEWS AND VIEWS

News article
Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Posted on

Introduction to CVE-2023-23397 On 14th of March, Microsoft released a security advisory, detailing CVE-2023-23397, a privilege escalation vulnerability, affecting various versions of Microsoft Outlook. The vulnerability has been assigned a CVSS:3.1 score of 9.8 (CRITICAL).  The vulnerability allows a remote, unauthenticated attacker to access a victim’s Net-NTLMv2 hash by sending a tailored email to a compromised […]

Read more...

News article
Privilege Escalation and RCE Vulnerabilities for Multiple ABB Appliances [ASPECT, Matrix, Nexus]. (CVE-2023-0635 / CVE-2023-0636)

Posted on

Prism Infosec recently identified two high risk vulnerabilities within the ABB Aspect Control Engine affecting versions prior to 3.07.01. The two vulnerabilities discovered could result in remote code execution (RCE), and privilege escalation within ABB’s Aspect Control Engine software.  Background During a recent security testing engagement, Prism Infosec discovered an ABB Aspect Appliance through traditional […]

Read more...


The changing threat landscape and evolving security practices will make red teaming more vital than ever, argues Phil Robinson via @CyberSecInt. #cybersecurity #redteaming #AI #RaaS #API.

Why aren’t more businesses using #IncidentResponse Plans (IRPs)? Phil Robinson looks at what lies behind the inertia and why it needs to change via @InfosecurityMag. #cybersecurity

request a callback

Please complete the form below and we will get in touch with you to discuss your requirements

  • Fields marked with an * are mandatory

  • This field is for validation purposes and should be left unchanged.