Cybersecurity services and Integrated Risk Management solutions provider SureCloud has announced that it has been accredited to provide Simulated Target Attack and Response (STAR) Intelligence-Led Penetration Testing services by the not-for-profit accreditation and certification body, CREST that represents the technical information security market.
CREST developed the STAR framework to deliver intelligence-led cybersecurity testing, incorporating advanced penetration testing and threat intelligence services to more accurately replicate cybersecurity threats to critical assets. To meet CREST’s stringent requirements to secure STAR service provider status, SureCloud had to demonstrate its robust methodologies and sophisticated capabilities relating to the latest vulnerabilities and cybercrime techniques, as well as meeting government and risk management requirements.
We have recognised their high professional service standards and the rigorous approach"
Mitigating risks
President of CREST, Ian Glover said, “SureCloud has been successfully assessed against our strict criteria for the supply of Simulated Target Attack and Response (STAR) Intelligence-Led Penetration Testing services. In accrediting SureCloud, we have recognised their high professional service standards and the rigorous approach they take in helping their customers mitigate risks and safeguard against advanced cyber-attacks. We congratulate them on this excellent achievement.”
SureCloud’s VP of Cybersecurity, Mike Harrison, said, “The CREST STAR accreditation is a real testament to our capabilities as a business and it’s an important industry benchmark for delivering STAR intelligence-led penetration testing services. We’re proud to be amongst only 5% of UK penetration testing vendors that have been awarded this accreditation and are therefore able to offer STAR services in line with the high standards set by CREST. The fact we can deliver this excellent service through our vulnerability management platform means further value for our clients.”
SureCloud’s Penetration Testing services have been CHECK approved since 2009
This accreditation reinforces the strong performance of the SureCloud team in undertaking Red-Team simulated Cyber Attack services for their clients. Techniques used are typically a blend of penetration testing, social engineering and physical breach attempts, with the overall aim being that organisations can prevent, detect and respond to the attack as if it were real. Crucially, this gives them a realistic overview for testing crisis management procedures, and how they might need to improve.
Minimising risks of potential data breaches
Given the complexity of these engagements, the standards you need to achieve a STAR accreditation are set exceptionally high, as it is imperative that the increasing number of organisations looking to undertake these engagements can understand who has the capability to deliver the highest quality service to them.
SureCloud’s Penetration Testing services have been CHECK approved since 2009, and has been re-certified by the Payment Card Industry Security Standards Council (PCI SSC) as a PCI Approved Scanning Vendor (PCI ASV) for more than 10 years running. SureCloud is certified by internationally recognised ISO/ IEC 27001 for achieving operational excellence, minimising the risks of potential data breaches. SureCloud is also certified by Cyber Essentials Plus, complying with the requirements of the scheme, which focuses on technical control themes such as firewalls, secure configuration, user access control, malware protection and patch management.
