CommSec is an established and Irish-owned Managed Security Service Provider (MSSP).

Penetration Testing Providers

CommSec is a leading provider of manual pen testing providers. We use the most experienced pen testers that are CREST certified to bring your top quality reporting. We are trusted by 100s of Irish companies to provide security testing for their networks, apps and systems. 

Confirming areas where security is mature, effective and fit-for-purpose, our Penetration Testing services also highlight vulnerabilities and provide our customers with a detailed written report including remediation recommendations.

Penetration Testing can include External Infrastructure Assessment, External Application Assessment, Mobile and IoT amongst others. Servicing clients throughout the island of Ireland, please contact our team to discuss your requirements.

IT Security Managed Services

MSOC+ Managed Detection and Response Service aka SOC as a Service

Most small and medium businesses lack the in-house capabilities required to keep pace with changing business demands, compliance mandates, and emerging threats for strategic implementation of new IT security solutions.

If you are a small-medium-sized business and you’ve read about or those breaches (or suspect that you have a breach) where intruders were inside networks for months, even years – you might be worried about whether there is malware embedded in your IT systems or not.

A SOC-as-a-Service helps you sleep better. We provide monitoring of your network and we review your network’s activity and detect anomalies.

We have trained certified cybersecurity engineers who can assess those anomalies and immediately alert you if something is amiss. You benefit from our ability to use cutting edge tools, including machine learning/Artificial Intelligence, and our ability to stay on top of security trends, and from our security teams expertise and experience. 

You don’t have the staff retention worries, the training costs, the purchase of bespoke tools and the maintenance of these tools. You have 24×7 monitoring and alerting with reviews of logs 8am – 6 pm Mon- Fri.

Our SOC as a Service is powered by Alien Vault’s Unified Security Management suite. This involves the discovery of assets in your estate, we then provide continuous vulnerability assessments, intrusion detection and behavioural monitoring with a full Security Incident Event Management (SIEM). This includes Glacial Storage which is the untampered evidence that will stand up in a court of law should you wish to prosecute offenders.

All of this is supported by Alien Vault Labs Threat Intelligence OTX – Open Threat Exchange. The benefit of this is as soon as a threat is detected in another customer site, the Labs get updated immediately and this is then available to all customers of the service giving real time updates to the latest threats.

GDPR/Data Protection

CommSec offer a broad range of services in relation to Data Protection. Many of our customers start with a comprehensive Data Protection Impact Assessment, conducted by one of our highly experienced Data Protection Consultants. The written report that follows provides a framework for continuously improving your Data Protection posture, including compliance with the General Data Protection Regulation (GDPR).

We also offer Training, including classroom and software options. Our classroom training empowers management and assigned Data Champions to communicate effectively and accurately with their teams. Software training solutions ensure that awareness is measured, employees working shifts or remotely are included, improvement metrics are reported and new hires are not missed.

Our DPO-as-a-Service offering is proving popular with customers who require a Data Protection Officer and where this is not a full-time role. Clients benefit from experienced, objective professionals who are skilled at board-level communication and have a track record of implementing effective Data Protection processes and practices, as well as associated documentation and audits. Finally, we offer the services of our Data Protection Consultants to provide support to the newly-appointed or under-resourced Data Protection Officer in many organisations.

Security Assessments

CommSec’s customers need to ensure that their IT security products, processes and practices are effective, documented and measurable. The methodology employed in conducting our Security Assessments is based on the ISO 27001 Information Security Standard combined with industry best practices and standards published by organisations such as the SANS Institute, the US National Institute of Standards and Technology, the US CERT Coordination Centre and the Centre for Internet Security, Cyber Essentials (UK) and NIST (US). 

Our comprehensive written report includes key findings and detailed prioritised remediation recommendations. This can form the basis for strengthening a robust IT security strategy, in line with company risk management and security objectives. We recommend carrying out a Security Assessment at least annually.

ISO 27001 Assessment

Working with certified ISO 27001 Auditors, you can be assured that you are continuously supported on achieving your goal of ISO 27001 certification.

Our phased approach includes Gap Analysis, Risk Assessment (including Risk Assessment Reports and Risk Treatment Plans), Alignment of Information Security Management System (ISMS) with ISO 27001 requirements, Implementation and pre-certification Audit. Documentation addresses the Statement of Applicability, Organisation Overview, Information Security Policy, Business Continuity Management, Internal Audit Reports, Document Control Procedure, Corrective and Preventive Action Procedures and Internal Audit Procedure. Our ISO 27001 clients have enjoyed a 100% success record in achieving certification by engaging with CommSec.

IT Security Consultancy

Increased operational efficiency and timeliness of project completion are on everyone’s agenda. Our skilled professionals provide many services including Project Management, provision of on-site and/or remote resources with skillsets to match your project, evaluation of existing solutions to ensure they are optimally deployed and represent value for money, assistance with your IT Strategy, planning for expected organisational growth, whether organic or through acquisitions, Vendor Relationship Management and many more.