Security Alliance has successfully retained its coveted CREST STAR Threat Intelligence provider status. This accreditation demonstrates its continuing competency in delivering intelligence-led cyber security services.
The cyber threat intelligence services provided by Security Alliance identify relevant threat actors and replicate security threats to critical assets. Security Alliance uses a range of methods to achieve this including asset inspection, threat assessment, robust intelligence analysis, scenario generation and detailed reporting.
Following the cyber threat intelligence exercise, Security Alliance leverages the skills and experience of it's CREST STAR penetration testing members to provide a managed simulated attack service. This enables clients to identify system and process vulnerabilities that could be exploited by threat actors in pursuit of critical assets. The targeted approach focuses on the greatest risks and most important mitigation measures. It also enables board members to prioritise resource allocation.
John Beale, Managing Director of Security Alliance says,
“We are delighted to remain one of the few organisations to meet the rigorous requirements of CREST in the Threat Intelligence arena. The CREST STAR scheme has gained significant traction in the last 12 months, as organisations face increasingly capable cyber adversaries, and are needing to take more measured and intelligence-based decisions to protect their critical assets.
"The rapid growth in the volume and sophistication of cyber attacks requires more efficient cyber security strategies. Companies should therefore seek to understand the techniques, tactics and procedures of their most likely adversaries."
Security Alliance is an intelligence-driven cyber security consultancy made up of conventional intelligence and cyber intelligence professionals with military, agency, law enforcement and technical backgrounds. We blend deep technical expertise with traditional intelligence methodologies to help organisations make better security decisions.
CREST is a not-for-profit body that represents the technical information security industry. CREST provides internationally recognised accreditations for organisations and certification of individuals providing penetration testing, cyber incident response, threat intelligence and security architecture services. Member companies undergo a rigorous accreditation process that assesses methodologies, legal and regulatory standards, staff vetting and data handling.
CREST qualified individuals have to pass challenging professional level examinations that demonstrate their knowledge, skill and competence. CREST member companies and CREST qualified individuals sign up to strict and enforceable codes of conduct. All examinations and processes have been reviewed and approved by CESG, the Information Security arm of GCHQ.
For more information visit: www.crest-approved.org
