Fluid Attacks achieves CREST accreditation for penetration testing services

Released: 25 March 2025

Fluid Attacks is proud to announce its accreditation as a CREST-approved penetration testing service provider. This marks a significant milestone in the company’s commitment to delivering top-tier AppSec solutions.

Rigorous evaluation and industry recognition

CREST, a globally recognized non-profit accreditation body, has validated Fluid Attacks’ technical and management practices. CREST’s rigorous vetting process guarantees that accredited companies possess the necessary expertise, methodologies, and knowledge to conduct comprehensive and reliable penetration testing. This accreditation signifies that Fluid Attacks, among over 40 companies in the Americas, meets the stringent standards set by CREST, ensuring clients receive services from highly qualified and ethical professionals.

Expertise and comprehensive PTaaS

CREST assessed the key procedures of Fluid Attacks’ Continuous Hacking Advanced Plan, in which it provides penetration testing as a service (PTaaS) through its team of certified professionals, who have extensive experience identifying, exploiting and reporting security vulnerabilities. PTaaS ensures that clients benefit from a combination of automated and manual testing methodologies based on up-to-date knowledge of the latest cybersecurity threats.

Commitment to security and ethical practices

Fluid Attacks evidences through this certification:

robust engagement procedures involving clear scope definition, non-disclosure agreements, and strict policies to protect client data;
transparent methodologies, clearly communicating the employed testing techniques and security controls;
verified scope coverage and detailed vulnerability weighting and reporting systems;
defined data retention and removal procedures.

Benefits of CREST accreditation

Choosing a CREST-accredited provider like Fluid Attacks offers numerous advantages, including:

Assured competence: Services delivered by highly trained professionals with extensive experience
Regulatory compliance: Expertise in technical controls and testing methodologies required for compliance with standards like PCI DSS, GDPR, NIS, and ISO 27001
Enhanced security posture: Proactive vulnerability identification and clear and transparent communication to help safeguard critical systems and data
Increased trust: A demonstration of commitment to high standards and ethical practices, fostering client confidence
Tailored solutions: Personalized security testing methodologies that align with unique environments and security goals
Continuous improvement: Ongoing knowledge updates and assessments to stay ahead of evolving threats

“This CREST accreditation underscores our dedication to providing our clients with the highest quality penetration testing services,” says Vladimir Villa, Fluid Attacks’ CEO. “We are committed to helping organizations protect their valuable assets and build a strong security foundation.”

“We are pleased to welcome Fluid Attacks as a CREST accredited member company in the Americas region,” said Nick Benson – CEO of CREST. “To gain accreditation for its penetration testing services, demonstrates the high standards of Fluid Attacks that we look for in our Member organisations and their services, in order to build a strong, global cyber community that will help create a safer digital world for all.”

About Fluid Attacks

Fluid Attacks offers a comprehensive ASPM solution that enables its customers to identify, prioritize, and remediate security vulnerabilities in their products throughout the SDLC. Security testing is performed by an automated tool, a team of pentesters, and AI reporting to a single platform with various integrations that facilitates risk-based vulnerability management. GenAI supports vulnerability remediation, and experts assist in the understanding of complex issues, which significantly contributes to accelerating companies’ risk exposure mitigation and strengthening their cybersecurity posture.