Speak to an expert

Thank You

Your form has been submitted successfully.
Oops! Something went wrong while submitting the form.


Intelligence-Led Penetration Testing

SecAlliance is one of the leading providers of threat intelligence assessments. Having performed numerous CREST STAR threat assessments and one of the first STAR-FS engagements, we are one of the most experienced and best qualified providers of CREST STAR and STAR-FS threat intelligence assessments in the market.

Our Intelligence Driven structured approach to performing this service provides the customer with a clear picture of the most likely and dangerous threats they face, how those threats are likely to manifest, and the elements of the organisation’s digital footprint threat actors would exploit in an attack.

STAR & STAR-FS Approved

crest star

What are STAR and STAR-FS

CREST STAR (Simulated Targeted Attack and Response) is a framework similar to CBEST, which allows organisations outside CBEST or similar frameworks, of any maturity, in any industry to conduct a structured and professional intelligence led penetration test (simulated attack/Red Team) with accredited providers and certified individuals.

CREST STAR adopts the same core principles of CBEST, whereby the threat intelligence guides the testing, replicating credible threat actors, leveraging up-to-date tactics, techniques, and procedures (TTPs).

STAR-FS Follows the exactly the same principles, except that it is designed to be applied to the financial sector without geographic constraint, again outside the remit of CBEST and with limited involvement from the regulator.

The Ultimate Preparation

CREST STAR is an ideal vehicle for preparing you for the likes of a CBEST, GBEST, TBEST, iCAST or TIBER assessment; as part of a two yearly testing cycles, to drive overall cyber resilience or to generally understand:

  • What are the threats and threat actors applicable to my organisation, my eco-system and my sector(s).
  • How these attacks are likely to manifest.
  • What affects could there be on my core business functions/important business services.
  • What our digital footprint looks like to an attacker and how will it be exploited.
  • How well do my security controls perform against a simulated attack by these actors.
  • What remediation steps do I need to perform to better predict, prevent, detect and respond to these attack scenarios.
Speak to a CREST expert
Ultimately, adopting the CREST STAR and STAR-FS frameworks ensure the same expectations, quality and professionalism are applied to intelligence-led testing as other frameworks driven by the regulator.

Why SecAlliance

We are a pure-play cyber threat intelligence company and specialise in threat assessments within this framework and equivalent schemes such as CBEST, GBEST, TBEST, iCAST and TIBER


We understand the value of intelligence-led red teaming when it is performed by fully qualified and experienced intelligence professionals


We have experience in conducting STAR engagements in a wide range of geographies outside of the UK and Europe, and in all key business and government sectors


Based on our experience and qualifications, we are confident that there is no other CTI provider better placed to conduct STAR engagements.

Speak to a CBEST expert

The Reporting

The assessment offered by SecAlliance covers two main areas: the Threat Intelligence Assessment and Targeting Intelligence:

Threat Intelligence Assessment

This contains the detailed analysis of your unique threat landscape. It is an assessment leveraging structured analytical techniques to identify the most relevant threat actors to you based on your organisation and critical business functions. A key output of this phase is the creation of realistic threat scenarios, which can be used by the red team to simulate during their attack. These are underpinned by threat level scoring, relevant use cases, and threat actor profiling.

Targeting Assessment

In combination with the threat assessment, we also provide an in-depth review of your digital footprint. The purpose is to perform reconnaissance in the same way an attacker would against your organisation. We explain how these findings, which will be gathered through technical and manual collection techniques, can be leveraged by threat actors. These findings feed into the final attack scenarios. We also provide supporting mitigation and remediation advice for the findings.

Threat Scenarios

To create the threat scenarios we fuse the likely attack scenarios, business functions, compromise actions, and infrastructure with the identified targeting findings, modus operandi and TTPs of the relevant threat actors. This provides you with detailed, technical and narrative based scenarios, fully mapped to MITRE ATT&CK.

Speak to a CREST expert

Share this content

Want to take this information offline? Download our CREST Service PDF

Download now

More Consultancy Services

Latest Blogs

View all posts