CREST Testing
As a CREST member company, commissum has been verified as meeting the rigorous standards mandated by CREST.
CREST (Council of Registered Ethical Security Testers) is a trade association, operated as a not-for-profit organisation governed by a formal Memorandum of Association (MOA) as a company limited by guarantee.
Companies such as commissum are invited to join the trade association as members, subject to certifying that they meet CREST’s rigorous minimum standards in all areas. These standards cover ethics, methodologies, and technical capability.
CREST is a standards-based organisation for penetration test suppliers, incorporating a best practice technical certification programme for individual consultants. The fact that CREST assess the credibility and capability of the member company as well as the consultants engaged for penetration testing is only matched by one other scheme; the government CHECK scheme operated by CESG (the UK government's National Technical Authority for Information Assurance). CESG also recognises the equivalence of the CREST exams for assessing the competence of penetration test consultants.
Additionally, CREST provides its members with a framework of guidance including standards, methodologies and recommendations, which is aimed at ensuring the very highest standards of leading-edge security testing.
commissum is a full CREST member company, and therefore able to conduct CREST Approved Testing. In contracting with commissum as a CREST member organisation to perform security testing, clients can rest secure in the knowledge that the work will be carried out to rigorous standards by qualified and knowledgeable individuals.
Get in touch with one of our security consultants today
- No obligation
- Expert advice
- Tailored solutions
"commissum recently provided us with services to assess a web application and supporting infrastructure. I was impressed with the consultants throughout the project, by their technical knowledge, flexibility, open communication and willingness to go that extra mile. Of particular benefit was the sound advice given both during and after the engagement. By identifying vulnerabilities promptly, accompanied with practical recommendations on how to address them. We were able to implement improvements quickly. Good value, a job well done.”
JM, Infosec Analyst, International Investment Bank
Latest News
Botnets go mobile and net a lucrative catch
Researchers at security firm Symantec and at North Carolina State University have recently discovered a large and successful botnet -- with the twist that this one involves mobile phones, specifically Android smartphones.A botnet is a cluster of devices infected with the same malware (unknown to their owners), and under the ...Wed 15 Feb, 2012 //
_display_thumbnail_image.jpg)
Government cybersecurity report urges awareness rather than fear
The UK Government's Science and Technology Committee has released a report on malware and cybercrime in the UK.Malicious software, or "malware", infects computers and steals banking details and personal identity information, which can be used for identity theft. It poses a growing threat in the UK, as more people use ...Fri 10 Feb, 2012 //
UK cyber-security among the world's best in recent report
A new report collates the views of international cybersecurity experts to grade several countries according to the strength of their defence against Internet attacks.  The report, sponsored by the computer security company McAfee, ranks Israel, Finland and Sweden as the top-performing countries, with four and a half out of five ...Tue 31 Jan, 2012 //
