Login to profile

Implementation & Procurement Guides


CREST Defensible Penetration Test – Guidance for commercial reasonable assurance activity
This guidance provides recommendations on how penetration tests should be scoped, delivered and signed off. With significant growth in the numbers of penetration tests being carried out around the world, the need to define best practice has become increasingly important. CREST has worked alongside industry recognised and peer-selected experts to define a minimum set of expectations associated with a penetration test.

A Guide to Penetration Testing 2022 – This CREST guide provides practical advice on the establishment and management of a penetration testing programme, helping organisations to conduct effective, value-for-money penetration testing as part of a technical security assurance framework.  it is designed to enable organisations to prepare for penetration tests, conduct actual tests in a consistent, competent manner and follow up tests …

CREST has also developed a suite of maturity assessment tools to help assess the status of a penetration testing programme based on the standard  industry scale.


Cyber Security Incident Response Procurement Guide – Cyber Security incidents have not only become more numerous and diverse but also more damaging and disruptive with new types of cyber security attacks emerging regularly.  This Guide provides details about how to handle cyber security incidents in an appropriate manner and gives practical advice on how to prepare for, respond to and follow up an incident in a fast and effective manner.   It is designed to enable you to determine what a cyber security incident means to your organisation, build a suitable cyber security incident response capability and learn about where and how you can get help …

Cyber Security Incident Response Supplier Selection Guide – In support of the Procurement Guide, the Supplier Selection Guide provides practical advice on the procurement of cyber security incident response services.  it outlines the key concepts needed to define a cyber security incident and build an appropriate response capability whilst presenting guidance on how to apply a systematic and structured process to selecting a reputable supplier to most effectively meet your needs …

CREST has also developed a maturity model to enable assessment of the status of an organisation’s cyber security incident response capability.  The model has been supplemented by a spreadsheet-based maturity assessment tool which helps to measure the maturity of a cyber security incident response capability based on the standard industry scale.


What is Cyber Threat Intelligence and how is it used? – This Guide provides practical advice on the practice and procurement of cyber threat intelligence services.  It outlines the key concepts and principles that underpin cyber threat intelligence, along with the ways in which organisations use cyber threat intelligence to prevent, detect and respond to cyber security incidents.


Cyber Security Monitoring and Logging Guide – The Guide presents details about how to monitor and log cyber security events, some of which are potential indicators of compromise that can lead to cyber security incidents if they are not addressed quickly and effectively.  It offers practical advice on how to manage logs efficiently, deal with suspicious events, use cyber security intelligence and address challenges.

CREST has developed a detailed and comprehensive accreditation process for SOCs.  You can read an overview of our discipline criteria here


CBEST Implementation Guide  The CBEST Implementation Guide provides an overview of the CBEST Scheme and how it is implemented with the support of the security services industry.  It also provides practical advice on how the services under the CBEST Scheme can be procured.

Resources Penetration Testing Cyber Security Incident Response Cyber Threat Intelligence