CREST is a not for profit organisation that serves the needs of a technical information security marketplace that requires the services of a regulated professional services industry.
CREST represents the technical information security industry by:
- offering a demonstrable level of assurance of processes and procedures of member organisations
- validating the competence of their technical security staff
- providing guidance, standards and opportunities to share and enhance knowledge
- providing technical security staff recognised professional qualifications and those entering or progressing in the industry with support with on-going professional development
CREST provides organisations wishing to buy penetration testing services with confidence that the work will be carried out by qualified individuals with up to date knowledge, skill and competence of the latest vulnerabilities and techniques used by real attackers.