How Sapphire’s Penetration Testing Portal is Making a Difference

In September 2023, we launched the Sapphire penetration testing portal, a platform designed to simplify reporting, collaboration, and vulnerability management for our customers. Our goal was to create a seamless, end-to-end solution that helps organisations stay on top of their security posture without the usual hassle of manual tracking and updates.

A little over a year later, we’re delighted to see its impact. With almost 100 organisations onboarded, the portal has proven to be an invaluable tool for streamlining security operations and improving efficiency.

What the Portal Offers

The Sapphire portal provides online access to standard Sapphire reports, both management and technical, allowing customers to download them conveniently. But it goes beyond just reports. It enables organisations to update and monitor the remediation status of vulnerabilities, ensuring nothing slips through the cracks.

Whether you’re conducting Breach Attack Simulations (BAS), penetration tests, or vulnerability assessments, the platform allows us to analyse data, prioritise the most critical issues, and collaborate with internal teams or third parties. By automating these processes, security teams can focus on what truly matters: addressing vulnerabilities and strengthening defences.

Key Benefits for Clients

1. Clear visibility: A visual dashboard presents real-time insights, including test results, trends, severity levels, and recurring vulnerabilities.
2. Efficiency: Clients can directly update and track remediation progress, reducing unnecessary back-and-forth communication.
3. On-demand access: Reports can be downloaded anytime at our clients convenience.
4. Enhanced security: The platform is secured with multi-factor authentication (MFA), and all application data is stored in an encrypted virtual machine (VM).
5. Access control: organisations can easily revoke access for departing employees, maintaining tight control over sensitive information.

Lessons Learned Along the Way

With any new platform, there’s always room to refine and improve. Here are a few things we’ve picked up over the past year:

1. Understanding the internal structures of our client’s businesses beforehand helps us assign the most suitable consultants.
2. Clients sometimes time out on their initial login links, requiring a reset. Giving them a heads-up about this helps avoid delays.

What’s Next?

While the portal has been a game-changer, we’re always looking for ways to improve it. Some areas we’re working on include:

1. Governance, Risk and Compliance (GRC) and Cyber Essentials Plus (CE+) report integration: Custom report templates are in productio to allow customers to upload and view results directly in the portal.
2. Importing external scan results: It allows clients to upload their own scan and test data for a more comprehensive security overview.
3. Automated downtime notifications: Whether via automated emails or in-portal pop-ups, we aim to improve how we communicate maintenance updates.

A Value-Add for Our Customers

Access to the Sapphire testing portal remains free of charge as a thank-you to our loyal customers. We believe in providing value beyond our core services, ensuring organisations have the tools needed to stay ahead in today’s evolving cyber security landscape.

We’re incredibly proud of how far the portal has come and look forward to improving it in the years ahead. If you’re a Sapphire customer and haven’t explored the portal yet, now’s the time to take advantage of it!

Contact Sapphire on 0845 58 27001 to learn more.