CREST (Council of Registered Ethical Security Testers) was created in response to the need for regulated and professional security testers to serve the global information security marketplace. CREST`s main aim is to represent the information security testing industry and offer a demonstrable level of assurance as to the competency of organisations and individuals within those approved companies.

Penetration testing is a widely accepted method of assuring information security and has become an integral part of many organisations operational and technology risk management programs. Despite the widespread use of penetration testing, there has historically been a definite lack of agreed standards and practices.
CREST is a standards-based organisation for penetration test suppliers incorporating a best practice technical certification programme for individual consultants. CREST provides its members with a framework of guidance including standards, methodologies and recommendations aimed at ensuring the very highest standards of leading-edge security testing.


Why Have Sec-1 Chosen CREST?

Sec-1 believes that standards are important to ensure that our clients receive quality of delivery to guard the return on their investment.
In contracting a CREST member organisation to perform a security test, a client can feel secure in the knowledge that the work will be carried out to rigorous standards by qualified, knowledgeable individuals.


‘I thoroughly enjoyed my day with Sec-1, the live hacking was a real eye opener. It showed how online tools are readily available for hackers to use, which has led me to take preventative steps to ensure this doesn't happen to our network. Overall an informative day which I would actively recommend to others.'

Paul Bargewell
Charnwood Borough Council