YOUR PATH TO CYBER RESILIENCE

CREST STAR PENETRATION TESTING SERVICES

GOVERNANCE, RISK MANAGEMENT & COMPLIANCE

CLOUD SECURITY SERVICES

PAYMENT CARD INDUSTRY SERVICES

CAA AVIATION SECURITY SERVICES

OFFERING THE FULL SPECTRUM OF CYBER SECURITY SERVICES


Cyber Security Specialists based in the UK

Established in 2006 and with offices in Cheltenham and Liverpool (UK), Prism Infosec provides comprehensive information security services to organisations based in the UK and overseas.

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor Company employing consultants with a high standard of technical skill. Whether delivering advice on cutting-edge information security architectural solutions, conducting management controls audits, or performing in-depth technical penetration testing, our consultants always deliver a quality end-to-end service.

Prism Infosec operates a fully certified (UKAS accredited) ISO27001:2013 Information Security Management System (ISMS) and ISO9001:2015 Quality Management System (QMS).

Prism Infosec’s innovative approach to the delivery of PCI projects and technical security testing was recognised with a PCI Award for Technical Excellence in January 2020. The award was presented for the delivery of a client project that was considered by the review panel to be an outstanding example of best practice.

OUR CYBER SECURITY SERVICES

Delivering a range of testing and consulting services to our clients for over a decade, Prism Infosec works with a global client base to provide high quality solutions and pragmatic recommendations to effectively manage cyber risk.

Cyber Security Assessments

Test your information security controls and ascertain weaknesses and vulnerabilities.

GRC and Information Security Consulting

Engage a Prism Infosec security consultant to help manage your cyber security risks.

Cloud Security

Manage the risks associated with procuring, migrating or delivering cloud services.

LATEST NEWS AND VIEWS

News article
CVE-2022-34001 – XML External Entity (XXE) in Unit 4 ERP 7.9 (Also Known As “Agresso”)

Prism Infosec identified an XXE vulnerability within Unit4’s Enterprise Resource Planning (ERP) software. This has been assigned CVE-2022-34001. Unit4’s ERP software is a well-known enterprise management suite, which includes financial and project management tools. Prism Infosec discovered a blind XXE within a specific function of the ERP software. This would allow an authenticated attacker to […]

News article
What is the PSTI and will it improve IoT security?

By Phil Robinson

The new Product Security and Telecommunications Infrastructure (PSTI) Bill currently going through parliament comprises two parts. The first aims to put in place safeguards to regulate the secure design of the Internet of Things (IoT) while the second will ensure broadband and 5G networks are gigabit-grade. It’s the first part that has caused a […]


Zero Trust is the new kid on the block but has it replaced Defence in Depth? Phil Robinson weighs up their relative merits via @Info_Sec_Buzz #ZTA #DiD #CyberSecurity

https://informationsecuritybuzz.com/articles/does-zero-trust-mean-defence-in-depth-is-dead/

What’s changed in PCI DSS 4.0 and can those changes boost compliance? Phil Robinson takes a detailed look via Computer Fraud & Security journal. #pcidss #cybersecurity

https://www.magonlinelibrary.com/doi/epub/10.12968/S1361-3723%2822%2970579-9
