Select discipline option(s)

• i

  STAR intelligence-Led Penetration Testing are the assurance of critical functions that are likely to be subject to sophisticated and persistent attack. STAR tests use threat intelligence to deliver these attack simulations to provide assurance that organisations have appropriate countermeasures and responses to detect and prevent cyber-attack The tests are carried out by experienced penetration testing providers on all types of organisations and are considered to be the most realistic form of assurance service within the sector. This is combined with a review of the company’s ability to recognise and react to cyber security related attacks.

  
  Intelligence Led Penetration Testing (STAR)
• i

  Penetration testing is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders and/or malicious to identify attack vectors, vulnerabilities and control weaknesses. It involves the use of a variety of manual techniques supported by automated tools and looks to exploit known vulnerabilities and uses the expertise of the tester to identify specific weaknesses in an organisation’s security arrangements. Penetration testing is often confused with Vulnerability Assessment.

  
  Penetration Testing
• i

  VA is the examination of an information system or product to determine the adequacy of security measures; the identification of security deficiencies; to predict the effectiveness of the proposed security measures; and to confirm the adequacy of such measures after implementation.

  
  Vulnerability Assessment (VA)
• i

  Threat Intelligence is defined as contextualised output of a strategically driven process of collection and analysis of information pertaining to the identities, goals, motivations, tools and tactics of malicious entities intending to harm or undermine a targeted organisation’s operations, ICT systems or the information flowing through them. Threat Intelligence is used to carry out specialised penetration testing to deliver highly targeted attacks against organisations to simulate sophisticated threat actors.

  
  Cyber Threat Intelligence (STAR)
• i

  Cyber Incident Response is the term used to describe actions undertaken when a computer network or system is compromised, or believed to be compromised. CSIR organisations can evaluate the situation and undertake the most appropriate actions to allow recovery from, and prevent reoccurrence of, the incident.

  
  Cyber Security Incident Response
• i

  A SOC is a facility where enterprise information systems (eg. web sites, databases, data centres and servers, networks, etc) are monitored, assessed, and defended. Depending on the nature of the SOC, organisations may offer a variety of services including monitoring, detection, threat hunting, incident management, log analysis, forensic imaging, malware analysis, reverse engineering, mitigation advice and general good practice guidance.

  
  Security Operations Centres (SOC)
• i

  CREST Approved Training Providers have had their training courses reviewed against the CREST syllabus providing a clear and objective view of the course content and the level at which specific subject areas are taught. They have also had their quality procedures, data handling processes and course review criteria audited.

  
  Training Provider
• i

  A mechanism for accrediting Cyber Suppliers to conduct Cyber Audits of Aviation Organisations on behalf of the Civil Aviation Authority.

  
  ASSURE

• 
  CBEST is a Bank of England scheme delivering controlled, bespoke, cyber threat intelligence-led security testing to financial institutions. The tests replicate the behaviours of threat actors and focus on more sophisticated and persistent attacks against critical systems and essential services. CBEST accredited companies and professionals demonstrate extremely high levels of technical knowledge, skill and competency.

• iCast

  iCAST is a framework introduced by the Hong Kong Monetary Authority (“HKMA”) in response to the changing cybersecurity landscape. Under the HKMA Cyber Resilience Assessment Framework, banks which aim to attain the “intermediate” or “advanced” maturity level are required to conduct iCAST.

• TIBER EU

  The framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU) enables European and national authorities to work with financial infrastructures and institutions to put in place a programme to test and improve their resilience against sophisticated cyber attacks. TIBER- delivers a controlled, bespoke, intelligence-led red team test of entities’ critical live production systems. Intelligence-led red team tests mimic the tactics, techniques and procedures of real-life threat actors who, based on threat intelligence, are perceived as posing a genuine threat to entities. The test involves the use of a variety of techniques to simulate an attack on an entity’s critical functions and underlying systems.

• Assure

  A mechanism for accrediting Cyber Suppliers to conduct Cyber Audits of Aviation Organisations on behalf of the Civil Aviation Authority.

• TBEST

  TBEST is managed by OFCOM who assist the Government with its telecoms supply chain review ensuring networks remain resilient. TBEST, part of a Security and Resilience Assurance Scheme, is a threat intelligence-led penetration testing scheme based on the techniques known to be used by cyber criminals and hostile nation states that assesses how well a company can withstand a concerted attack which will help to identify security and operational resilience. DCMS have so far completed two pilots.

• GBEST

  Based on the CBEST model, GBEST is a UK Government intelligence-led security testing and cyber resiliency programme co-ordinated by the Cabinet Office.

• CHECK

  Note, list only displays those CHECK members that are also members of CREST. The NCSC’s IT Health Check Service, or CHECK, was developed to enhance the availability and quality of services provided to Government and the wider public sector. CHECK services identify vulnerabilities in IT systems and networks which may compromise the confidentiality, integrity or availability of information held on that IT system. The NCSC and CREST work in collaboration to provide a set of examinations that are acceptable to industry and meet the requirements of private and public sectors. All CHECK Team Leaders and Members have passed an approved professional examination, such as a CREST examination, that is designed to test for a basic grounding in the discipline; companies belonging to CHECK are measured against high standards set by the NCSC.

Back

Back