Cyber Essentials PlusUK government-backed certification
The UK's gold standard for small-business cyber hygiene. Audited annually, recognised by government procurement and most UK enterprise buyers.
Cyber Essentials Plus is a hands-on audit against five technical controls: firewalls, secure configuration, user access control, malware protection, and security update management. Fortoxa provides continuous evidence for each — so the annual audit is a check, not a scramble.
Fortoxa's own certification
Fortoxa's certificate of Cyber Essentials Plus is available on request. Contact us and we'll share the current certificate, issuing body and expiry date.
Request our certificate →How Fortoxa maps to it
Firewalls & boundary controls
Fortoxa monitors perimeter configuration drift and flags exposed services, open ports and misconfigured cloud security groups in real time.
Secure configuration
Continuous scanning of endpoints, servers and SaaS apps for default credentials, unnecessary software and weak settings.
User access control
Identity and privilege audits across your workspaces: dormant accounts, missing MFA, excess privilege and shared credentials.
Malware protection
Behavioural detection on endpoints and inboxes, with alert routing to your team and evidence capture for auditors.
Security update management
Patch-status visibility across OS and third-party software with a rolling 14-day freshness target aligned with the CE+ requirement.
Audit-ready evidence pack
One-click PDF export bundling configuration snapshots, scan histories and remediation logs — the dossier your assessor needs.
The source
Fortoxa's mapping is our own interpretation. For the authoritative framework text, consult the regulator directly.
Read the NCSC Cyber Essentials scheme overviewGet compliant without hiring a security team
Fortoxa handles the monitoring, evidence collection and audit-ready reporting so your team can focus on the business.