We care deeply about your information and your right to test your systems for cyber security vulnerabilities; our products include industrial strength automated penetration testing. Before allowing any “Gold” tests we will need to be able to confirm you are either; the legal owner of the web site, or acting on behalf of the legal owner of the web site. We use a process that should be familiar to anyone that has opened a bank account. The example below is from the UK. We are registered with the UK’s Office of the Information Commissioner and all of your data is held securely (both in transit and at rest).
- Acceptable forms of legal entity verification
Two of: VAT Registration; Certificate of Incorporation; Companies House Document; HHMRC VAT Certificate; HMRC Account Statement; Charity Commission Document; or OSCR Scottish Charity Regulator.
- Acceptable forms of identification
One of: Passport; Driver license; Resident permit; Citizen Card; Electoral ID; or Validate UK.
- Acceptable forms of address verification
One of: Driver license; Utility Bill; Statement from a financial institution; Government issued letter; Solicitors letter; Council or housing association documentation; Benefits Agency documentation; Electoral Register entry; NHS Medical Card; GP letter of registration with the surgery.
- Acceptable forms of domain verification
One of: Invoice from Domain Register; Registration with a Matching Email Address; DNS Text Record; Matching Legal Entity