In the past two years, Sheffield-born cybersecurity business Sitehop has escalated from the actualisation of a business idea to gaining their first global customer.
It is always a pleasure to interact with a fellow startup company, particularly one that has seen so much growth like ourselves at OnSecurity. That’s why I was delighted to sit down with Ben Harper, CTO and Co-Founder of Sitehop, to discuss Sitehop’s adoption of OnSecurity as a pentest provider, and receive some insightful feedback on their experience with our platform.
Who are Sitehop?
On a mission to advance high-speed enterprise network security, Sitehop is a startup company with a wealth of accolades under its belt for their advancements as a cutting-edge cybersecurity business. In their short time of development, they have garnered national recognition through their game-changing approach to network encryption.
“Everybody knows they need encrypted networks, but it always adds an overhead in terms of throughput, cost of ownership, and latency. Here at Sitehop we solve these problems. I’d say we’re gamechangers”. Ben says proudly.
"Sitehop has always tried to tackle hard problems within the enterprise networking space, going forward we see the transition to Post Quantum Cryptography (PQC) an area where we can really help our customers. Our encryption solution allows for crypto agility to always keep up with the latest standards."
What made you choose OnSecurity?
There’s several reasons the Sitehop team opted for OnSecurity over major competitors. “OnSecurity were recommended to us by our angel investor. I trust his opinion very highly, so having a warm recommendation from him was held in very high esteem for me.” Ben says. “But this doesn’t mean we didn’t perform due diligence. Our Head of Software scoped OnSecurity and was really interested.”
I’m curious about what specifically stood out for him. “The real-time reporting was the main thing, I think.” Ben pauses thoughtfully. “My Head of Software was really impressed, he said he’d never seen something like that before. It gave us a lot of confidence.”
What did you need our services for?
“For us, OnSecurity helped with our cloud-based platform. We have a NMS (network management system) that manages all of our physical applications, and that NMS is effectively how we set up our connections and certifications. It’s our root of trust for all of these ‘boxes’. Making sure that our CMS is secure is invaluable to us- it's central to not only business operations, but to our customers, too.” Ben also acknowledges that the business’ expansion made it a critical time for testing their security posture. “We’re rapidly expanding”.
What did you think of the onboarding process?
“In terms of the onboarding process, it was a simple- but extensive- questionnaire, which was really great, because you could just go through and-” Ben gestures, miming clicking buttons and organising items effortlessly- “You’re done in no time. I really like that style of onboarding process, as going back and forth loads in alternative processes is tiring and time-consuming.”
“The pre-requisites were also handled well.” He adds. With OnSecurity, you tick a few boxes contextualising your needs, without an excess of dreaded paperwork. “Other pentest providers inundated us with hefty contractual stuff, emails, and sign-offs” Ben says, before expanding that he found it overwhelming and detrimental to the business’ schedule.
“Pentest providers should give clients a net-positive of their time. If clients are having to spend a lot of time managing the process, it becomes tedious. OnSecurity’s services were quick and straightforward.”
How did this compare to your experiences with other pentesting services?
“In my previous roles where a pentest was necessary, we received constant false positives. Unpacking these, it became apparent that many of them weren’t threats at all, and simply the static code scanner picking up on benign things, but flagging them as threats.”
“Real testers using real business logic to assess potential vulnerabilities has provided us with far more enriching and accurate information on our security position. Having real people to do the testing is a really big part of why we’d use OnSecurity again for our next set of testing.”
Ben and his IT team were especially impressed by the flexible, free retest window, which gives teams the opportunity to verify that any fixes they've implemented are successful. “The free retest period is great. Not only can we instantaneously act on vulnerabilities due to live reporting, but we can then undergo free restesting to ensure we have remediated these vulnerabilities is extremely helpful. It saves us time and money going through an entire re-iteration.”
Ben says that OnSecurity delivered a level of speed and thoroughness that surpassed previous vendors. With time being a critical factor in Sitehop's operations, this was incredibly beneficial. “The fact it can be done so quickly, and all in one initial and transparent cost, is hugely beneficial to our business. Time is incredibly valuable to us, and OnSecurity recognises this.”
Closing Comments
Overall, Ben and his software development team were impressed by OnSecurity’s meticulous and manual approach to pentesting. The logic and attention to detail demonstrated by OnSecurity’s pentesting team was unparalleled by alternative pentest providers, and Sitehop are confident that they will be long-returning customers.
“Sitehop has incredibly high standards as a business and OnSecurity has exceeded these. All I’ve had to say today has been positive, and I hope our experience will help other customers to see the value your business provides.”
Explore OnSecurity’s testing services and receive an instant quote today!
