CREST (Council of Registered Ethical Security Testers) was created in response to the need for regulated and professional security testers to serve the global information security marketplace. CREST`s main aim is to represent the information security testing industry and offer a demonstrable level of assurance as to the competency of organisations and individuals within those approved companies.

Penetration testing is a widely accepted method of assuring information security and has become an integral part of many organisations operational and technology risk management programs. Despite the widespread use of penetration testing, there has historically been a definite lack of agreed standards and practices.
CREST is a standards-based organisation for penetration test suppliers incorporating a best practice technical certification programme for individual consultants. CREST provides its members with a framework of guidance including standards, methodologies and recommendations aimed at ensuring the very highest standards of leading-edge security testing.


Why Have Sec-1 Chosen CREST?

Sec-1 believes that standards are important to ensure that our clients receive quality of delivery to guard the return on their investment.
In contracting a CREST member organisation to perform a security test, a client can feel secure in the knowledge that the work will be carried out to rigorous standards by qualified, knowledgeable individuals.


'Following (our) initial meeting Sec-1 was requested to provide a Penetration Test for the Halcrow Group. The standard of report received has resulted in Sec-1 being the provider of choice for Penetration and Application Testing for the Halcrow Group and are retained for the foreseeable future.'

David Grant
Halcrow Group