speak to an expert

Thank You

Your form has been submitted successfully.
Oops! Something went wrong while submitting the form.

CBEST

Intelligence led penetration Testing

Security Alliance is a leading provider of CBEST Threat Intelligence Assessments. Our unique approach will paint a clear picture of your most likely and dangerous threats.

CBEST Approved

English Flag

What is CBEST?

CBEST is the pioneering framework driving intelligence-led resilience assessments. Driven by the Prudential Regulation Authority (PRA), the Bank of England and the Financial Conduct Authority (FCA), it applies to systemically critical organisations in the UK’s financial services sector. The core principle is that Firms are tested against realistic threat scenarios that are generated by qualified Threat Intelligence providers.  Ultimately, this means that testers engage in scenarios mimicking the most credible attackers, using relevant and up-to-date tactics, techniques, and procedures (TTPs).

CBEST Threat Intelligence REPORTING

We cover Threat Intelligence Assessment and Targeting Intelligence to ensure all requirements are met.

Threat Intelligence Assessment

This contains detailed analysis of a customer’s threat landscape. It is an external assessment leveraging structured analytical techniques to identify the most relevant threat actors based on the organisation and its critical business functions. This leads to the creation of realistic threat scenarios, which are simulated by a red team during the testing phase. Scenarios are underpinned by threat level scoring, relevant use cases, and threat actor profiling. Scenarios also fuse in relevant findings from the Targeting Assessment and include all associated MITRE ATT&CK® tactics, techniques, and sub-techniques.

Targeting Assessment

This provides an in-depth review of an organisation’s attack surface from the perspective of a threat actor. The purpose is to perform attacker-like reconnaissance against the organisation, its assets and its people and to explain how this information, gathered through technical and manual collection techniques, can be leveraged by the threat actor to mount an attack. These findings along with the TTPs of the threat actor feed into the final attack scenarios which are then used by the red teams to mimic a real world attack.

Security Alliance is one of the founding contributors to the CBEST framework with detailed knowledge of its construct and operation. If you would simply like to speak to one of Certified Threat Intelligence Managers who is experienced in delivering a CBEST engagement, we'd be happy to help.

Speak to a CBEST expert
"We greatly benefited from the threat assessment. The quality of the technical staff and their analysis is outstanding."
CEO,
Financial Services organization

Why Security Alliance for CBEST?

From conception to delivery and beyond, Security Alliance will be your Trusted  partner

1

Our delivery fully aligns with the requirements of the CBEST framework

2

Our reports are of consistently high quality and depth, constantly enriched by our fusion team

3

We work with all stakeholders in the CBEST programme including the PRA, NCSC and red team provider

Speak to a CBEST expert

Share this content

Want to take this information offline? Download our CBEST Service PDF

Download now

more consultancy services

latest Blogs

View all posts