YOUR PATH TO CYBER RESILIENCE

CREST STAR PENETRATION TESTING SERVICES

GOVERNANCE, RISK MANAGEMENT & COMPLIANCE

CLOUD SECURITY SERVICES

PAYMENT CARD INDUSTRY SERVICES

CYBER SECURITY ASSESSMENTS

OFFERING THE FULL SPECTRUM OF CYBER SECURITY SERVICES


Cyber Security Specialists based in the UK

Established in 2006 and with offices in Cheltenham and Liverpool (UK), Prism Infosec provides comprehensive information security services to organisations based in the UK and overseas.

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member and PCI Qualified Security Assessor Company employing consultants with a high standard of technical skill. Whether delivering advice on cutting-edge information security architectural solutions, conducting management controls audits, or performing in-depth technical penetration testing, our consultants always deliver a quality end-to-end service.

Prism Infosec operates a fully certified (UKAS accredited) ISO27001:2013 Information Security Management System (ISMS) and ISO9001:2015 Quality Management System (QMS).

Prism Infosec’s innovative approach to the delivery of PCI projects and technical security testing was recognised with a PCI Award for Technical Excellence in January 2020. The award was presented for the delivery of a client project that was considered by the review panel to be an outstanding example of best practice.

Our cyber security services

Delivering a range of testing and consulting services to our clients for over a decade, Prism Infosec works with a global client base to provide high quality solutions and pragmatic recommendations to effectively manage cyber risk.

Cyber Security Assessments

Test your information security controls and ascertain weaknesses and vulnerabilities.

GRC and Information Security Consulting

Engage a Prism Infosec security consultant to help manage your cyber security risks.

Cloud Security

Manage the risks associated with procuring, migrating or delivering cloud services.

LATEST NEWS AND VIEWS

News article
Microsoft Windows Active Directory Critical Vulnerability (CVE-2020-1472)

Given the nature of the vulnerability and the likelihood that exploits will be released in the coming days, Prism Infosec is making its clients aware of a critical vulnerability affecting Microsoft Windows Active Directory (AD) servers. The vulnerability takes advantage of a weak cryptographic algorithm used in the Netlogon authentication process and is described in CVE-2020-1472.

News article
Prism Infosec gains NCSC CHECK Green Light Status

Prism Infosec is delighted to announce that, following a rigorous review by the UK National Cyber Security Centre (NCSC) of our people, delivery / reporting standards and methodologies, we have become an NCSC CHECK Green Light organisation. This enables Prism Infosec to deliver our high quality penetration testing services and IT Health Checks to UK […]


So yes, Zerologon (CVE-2020-1472) is quite easy to exploit. Unauthenticated user to Domain Admin. This is really scary. Run exploit, DCSync with DC account and empty NT hash: you have Domain Admin and a broken DC.
Awesome find by Tom Tervoort 🙂. Patch patch patch!

Prism Infosec is delighted to announce that its approach and methodologies for the delivery of Simulated Target Attack (STAR) Intelligence-Led Penetration Testing (red teaming) services have been assessed and approved by CREST.

#CyberSecurity #CRESTadvocate #STAR #pentest
