Accreditation reinforces IOActive’s commitment to protecting its Global 1000 clients from the latest cyber threats and attacks
Seattle, Wash., September 11, 2018 — IOActive, Inc., the worldwide leader in research-driven security services, today announced the company has been awarded CREST accreditation for its penetration testing services and will join CREST as its newest member company. By achieving CREST accreditation, IOActive’s global customers are assured that IOActive’s penetration tests meet the highest standards and that the work will be carried out by highly-qualified security consultants with all of the required skill, competence, and knowledge of the latest vulnerabilities and techniques exploited by attackers.
“This CREST accreditation is incredibly valuable as we continue expanding our global base of critical infrastructure and financial services clients who utilize our penetration testing services,” said Jennifer Steffens, CEO of IOActive. “For two decades, IOActive has invested in hiring only the best and brightest penetration testers and security consultants that can provide our clients with the highest quality of security services. This CREST membership underscores our commitment to protecting our customers from the most sophisticated cyber attacks and threats.”
CREST is a not-for-profit accreditation and certification body that represents and supports the information security market. CREST accreditation is a prerequisite for suppliers to engage with many public sector and private enterprise customers, including some of the world’s largest public companies. To achieve CREST membership, IOActive went through a very demanding assessment process that examines test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders and how test data security is maintained.
“Congratulations to IOActive on its CREST membership,” said CREST President, Ian Glover. “In addition to being one of the leading penetration testing companies, the ability to work collaboratively with IOActive’s research teams will provide the opportunity to expand the understanding of how to address technical cyber security issues in complex environments, including critical national infrastructure.”
With proficiency far beyond off-the-shelf tools or remotely managed services, IOActive leverages an attacker’s perspective to identify the highest risk vulnerabilities and provide actionable recommendations for remediation. IOActive has been at the forefront of penetration testing across the full stack of technologies including: mobile applications, infrastructure, wireless, cloud environments, embedded devices and web services. Going deeper than traditional pen test companies, IOActive incorporates each industry’s unique requirements and risk factors into our methodologies and analysis to ensure the most effective testing and remediation recommendations.
CREST provides internationally recognized accreditations for organizations providing technical security services and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence and security operations center (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast changing technical security environments the certification process is repeated every three years.
CREST is governed by an elected Executive of experienced security professionals who also promote and develop awareness, ethics and standards within the cyber security industry. CREST supports its members and the wider information security industry by creating collaborative research material. This provides a strong voice for the industry, opportunities to share knowledge and delivers good practice guidance to the wider community.
IOActive is the industry’s only research-driven, high-end information security services firm with a proven history of better securing our customers through real-world scenarios created by our security experts. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from security advising to penetration testing and application code assessment to chip reverse engineering across multiple industries. IOActive is the only security services firm that has a dedicated practice focusing on Smart Cities and the transportation and technology that connects them. Global 1000 companies across every industry trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, US, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Read the IOActive Labs Research Blog: http://blog.ioactive.com. Follow IOActive on Twitter: http://twitter.com/ioactive.
Allie Andrews, CREST
UK: +44 (0) 7940 452710
Michelle Schafer, Merritt Group for IOActive
Augustus Walton, Spark Communications for IOActive
US: +44 (0) 207.436.0420