A Guide to CREST Penetration Testing

Lewis Fairburn

Marketing Manager

What is CREST?

CREST, or the Council of Registered Ethical Security Testers, is an independent accreditation and certification body for the information security industry. It ensures that penetration testers have a minimum standard of qualifications and experience. By using CREST-approved testers, organisations can be certain that their chosen tester is properly qualified to carry out the work.

Why Choose CREST-Approved Testers?

CREST-approved testers are highly experienced and qualified professionals who have demonstrated their technical capabilities. They operate in accordance with the highest ethical standards of conduct, maintaining confidentiality and professional integrity. All CREST-approved testers must adhere to the strict Code of Conduct, which sets out a clear framework for acceptable behaviour. This ensures that organisations can trust their chosen tester to carry out the work without any risk to their systems or data.

In addition, CREST-approved testers must have appropriate insurance cover in place at all times. This protects organisations from any potential liabilities that may arise during the testing process.  

CREST also provides guidance and support to its members throughout the entire  process. This includes guidance on developing test plans, report writing, and other best practices. By using CREST-approved testers, organisations can be sure that the highest standards of professionalism are maintained throughout the entire testing process.

How to Find a CREST-Approved Tester?

Organisations can find a list of CREST-approved testers on the CREST website. Here, they can search for a tester by their experience and qualifications. The list includes information about each tester’s location, contact details, and the services they offer. In addition, the list also provides ratings from previous clients that have used the tester’s services in the past.

Thankfully Pentest People are a CREST accredited business for Penetration Testing and have a range of CREST accredited testers, meaning you don't need to look any further for your testing!

The Benefits of CREST-Approved Testing

  • Assurance of Quality: CREST-approved testers have gone through rigorous vetting to demonstrate their expertise, ensuring top-quality penetration testing.
  • Trustworthy Professionalism: Adherence to CREST's strict Code of Conduct ensures the highest ethical standards, allowing organisations to entrust their systems to these professionals.
  • Insurance Protection: CREST testers are required to have insurance cover, providing organisations with an added layer of financial protection.
  • Ongoing Support: CREST provides continuous guidance to its members, resulting in testers who are up-to-date with best practices in developing test plans and reporting.
  • Transparency and Ease of Selection: The CREST website offers a detailed list of testers, including their qualifications, location, and customer ratings, making the selection process straightforward for organisations.
  • Clear Communication: Direct contact with the selected tester facilitates a clear understanding of the test's scope and objectives, ensuring that the work meets the organisation's specific requirements.  

The Benefits of Working With Pentest People

When it comes to finding the right CREST-approved tester for your organisation, there is no better choice than Pentest People. Our team of experienced and certified testers provide organisations with a reliable and cost-effective solution to their security needs. We provide a range of services, from penetration testing and security reviews to training and consultancy services.

Our team is committed to ensuring that the highest standards are maintained throughout the entire testing process. We take pride in our professional approach and our dedication to giving organisations the best possible service. Contact us today to find out how we can help you protect your organisation.

Video/Audio Transcript