1. Topics
  2. Penetration Testing

Penetration Testing

Security assessment and vulnerability testing services. 233 UK councils have discussed penetration testing in monitored meetings — track who, where and how the conversation is moving.

Councils discussing233
Meeting mentions2,647
Last 3 months238

What councils are saying about penetration testing

Penetration Testing is one of the procurement themes QuorumInsight tracks across UK local government, detected in 2,647 meeting mentions spanning 233 councils. Every mention comes from an analysed council meeting — a cabinet decision, a committee discussion or a budget report — so this is a picture of what councils are actually planning and debating, not a directory of published tenders.

Discussion has cooled quarter-on-quarter: there were 238 mentions in the last three months, against 288 in the three months before. For suppliers, that matters because activity in a council meeting typically precedes any formal procurement by months. Reading it early is the difference between shaping a requirement and responding to one.

Mentions over the last 12 months

Monthly penetration testing mentions across all monitored UK councils, by meeting date. The current month is excluded while it is still in progress.

Most active councils

Edinburgh City Council in Scotland is the most active authority on penetration testing, with 159 mentions across 159 monitored meetings — around 6% of all penetration testing discussion QuorumInsight has tracked. The council returned to the subject as recently as its “Digital & Asset Strategy” meeting on 11 Jun 2026.

Central Bedfordshire Council (71 mentions) and City of London Corporation (66) are also notably active. The full list of leading councils is below — each links to its live intelligence profile.

In councils’ own words

Recent meetings where penetration testing came up, with the relevant passage from the discussion. Each meeting links to the council’s intelligence profile.

Basingstoke and Deane Borough Council · IT & Cyber Proc · 30 Mar 2026

we would recommend that they consider some sort of external audit, IT cyber audit that probably goes beyond the regular penetration testing and other stuff that happens under PCIDSS

Tandridge District Council · Audit Progress & System Controls Review · 4 Dec 2025

… so it was actually just getting to the right officer to provide that in the data and also give us the responses in terms of what potential uh penetration tests you've run as well during the year

Suffolk County Council · Detective Recruitment & Estate Review · 10 Oct 2025

Um, it's the the the the new system is much more automated... we are almost ready. Um, we now are just in that um that timing where we're doing the penetration testing... I'm going to tell you mid November. My fingers are crossed.

East Riding of Yorkshire Council · LGPS Reforms & Dashboard · 17 Sept 2025

… provider to be our ISP provider | The connection date for connecting to the ISP was the 31st of October 2025 | Civica were carrying out some penetration testing with the pensions dashboard programs security authority. That testing unfortunately has been rejected by the PDPA

Stratford-on-Avon District Council · Audit & Governance · 28 Jul 2025

we do engage external people to do penetration testing. We have external companies testing other weaknesses. And... we will be looking to do the same with members as well to ensure that they're not compromising.

Richmond upon Thames London Borough Council · Change & Risk Review · 1 Jul 2025

“external companies doing the online monitoring of the risks for us, because we're not able to monitor systems ourselves 24 -7, and penetration testing and all that.”

Related topics

Track penetration testing across every council

Set an alert on penetration testing and get notified whenever a monitored council discusses it — with the meeting, the context and the quote.

Start for freeBrowse all topics