CREST provides organization’s wishing to buy penetration testing services with confidence that the work will be carried out by qualified individuals with up to date knowledge, skill and competence of the latest vulnerabilities and techniques used by real attackers. All examinations used to assess individuals have been reviewed and approved by GCHQ, NCSC “National Cyber Security Centre” They will also know that the penetration testers are supported by a company with appropriate policies processes and procedures for conducting this type of work and for the protection of client information”.
Crest is a not for profit organisation serving the technical information security marketplace. It provides assurance of processes and procedures for those needing assistance with digital security by validating the processes and credibility of its members.
Crest gives organisations seeking “Penetration Testing Services, Threat Intelligence or Incident Response Services with confidence the work will be carried out by qualified individuals with up to date knowledge, skills and competence of the latest vulnerabilities and techniques used by real attackers.”
DigitalXRAID gained membership last month and will be listed as a registered and approved member at the Crest website www.crest-approved.org.
Crest also provide guidance, standards and opportunities to share and enhance knowledge and give technical security staff recognised professional qualifications and those and others within the industry support with ongoing professional development.
The main aim of the organisation is to “increase professionalism in the security testing industry”. To become members prospective applicants have to meet criteria covering company operating procedures and standards, personnel security and development, their approach to testing and of course their own data security. Member companies have to provide copies of their insurances, sample client contracts and terms and copies of standards compliance certificates e.g. ISO27001 and ISO9001.
DigitialXRAID work to ISO 27001 and ISO 9001 frameworks.
Crest have a code of conduct and ongoing requirements which member technical security companies must adhere to and membership is refreshed each year.
Here at DigitalXRAID we believe in only the most robust standards and security practices and work tirelessly to improve our company, our staff (who we believe are No1), our processes and our knowledge to ensure we remain ahead of potential security threats for our customers.