CREST Testing
As a CREST member company, commissum has been verified as meeting the rigorous standards mandated by CREST.
CREST (Council of Registered Ethical Security Testers) is a trade association, operated as a not-for-profit organisation governed by a formal Memorandum of Association (MOA) as a company limited by guarantee.
Companies such as commissum are invited to join the trade association as members, subject to certifying that they meet CREST’s rigorous minimum standards in all areas. These standards cover ethics, methodologies, and technical capability.
CREST is a standards-based organisation for penetration test suppliers, incorporating a best practice technical certification programme for individual consultants. The fact that CREST assess the credibility and capability of the member company as well as the consultants engaged for penetration testing is only matched by one other scheme; the government CHECK scheme operated by CESG (the UK government's National Technical Authority for Information Assurance). CESG also recognises the equivalence of the CREST exams for assessing the competence of penetration test consultants.
Additionally, CREST provides its members with a framework of guidance including standards, methodologies and recommendations, which is aimed at ensuring the very highest standards of leading-edge security testing. In engaging with a CREST accredited company, clients can be confident that work will be carried out by qualified individuals with an up to date knowledge of the latest vulnerabilities and techniques used by real attackers, backed by a company with proven methodologies for the secure storage and protection of their data.
commissum is a full CREST member company, and therefore able to conduct CREST Approved Testing. In contracting with commissum as a CREST member organisation to perform security testing, clients can rest secure in the knowledge that the work will be carried out to rigorous standards by qualified and knowledgeable individuals.
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
"commissum recently provided us with services to assess a web application and supporting infrastructure. I was impressed with the consultants throughout the project, by their technical knowledge, flexibility, open communication and willingness to go that extra mile. Of particular benefit was the sound advice given both during and after the engagement. By identifying vulnerabilities promptly, accompanied with practical recommendations on how to address them. We were able to implement improvements quickly. Good value, a job well done.”
JM, Infosec Analyst, International Investment Bank
Latest News
Alleged Chinese Government Hacking Department back in action
Allegedly the Chinese state sponsored cyber division named as Unit 61398 are back in action after a lull in their activities. This group that allegedly specialises in governmental and industrial espionage was very active and successful up until February this year. The targets of Unit 61398, also known as APT1, have ...Tue 21 May, 2013 //
Leading USA military contractor QinetiQ hacked and ransacked by Chinese hackers for three years
A new report from Bloomberg, the business information provider (www.bloomberg.com/news/2013-05-01/china-cyberspies-outwit-u-s-stealing-military-secrets.html) outlines how hackers from China stealthily infiltrated the computer systems of QinetiQ North America, a leading espionage and military contractor to the US government, and the US branch of the British defence technology company QinetiQ. A vast range of highly ...Wed 08 May, 2013 //
Suspected hacker arrested after “biggest-ever DDoS attack”
Police in Spain have arrested a Dutch national on suspicion of launching the largest-ever “Distributed Denial of Service” (DDoS) attack. Sven Olaf Kamphuis, 35, was arrested on April 25th near Barcelona, Spain. At the time, he was in possession of a specially-equipped van set up as a mobile computing and ...Tue 30 Apr, 2013 //
