In accordance with CREST’s stated aim ‘to increase professionalism in the security testing industry’, CREST places requirements on member companies in order to ensure that a consistent standard of testing services are delivered.
The requirements fall into 4 main areas:
- Company operating procedures and standards
- Personnel security and development
- Approach to testing
- Data security.
Prior to applying to join CREST, prospective member companies are encouraged to review the requirements documents and ascertain their compliance status.
If you wish to become a CREST member company please register your interest by emailing firstname.lastname@example.org.
After receipt of an expression of interest, CREST will send you a documentation pack containing:
- Company Membership Application Form
- Methodology Requirements
- Personnel Requirements
- Code of Conduct.