Vector
Vector

Choose your topics

Blogs
The GRC Trends to Look Out for in 2024

Our GRC experts at SureCloud share their 2024 predictions for the world of governance, risk and compliance.

GRC
Blogs
The Top 5 Challenges of Third-Party Risk Management

With the supply chain now seen as a legitimate attack path, what can your organization do? Let’s explore 5 challenges of TPRM and how to overcome them.

Third-Party Risk Management GRC
Blogs
What is Third-Party Risk Management?

What is third-party risk management and how should you approach it? Find out in this post.

Third-Party Risk Management GRC
Blogs
The Top 4 Challenges of Risk Management

What are the top four challenges of risk management today and how can you overcome them? Find out in this post from SureCloud.

Third-Party Risk Management GRC
Blogs
Transform Compliance into Your Competitive Advantage

In GRC, compliance is often viewed as a cost that makes it harder to pursue growth. Here's how to make it your competitive advantage.

Compliance Management GRC
Blogs
Questions You Should Ask when Preparing For Your First Pen Test

Understand the processes that you and your chosen pentest provider will travel through for your first pen test, from the initial point to the day the test starts.

Penetration Testing
Blogs
TPRM Blog 6-Writing Clear Questions

Our GRC Practice Director explores the importance of clear communication and how to achieve it in your third party questionnaires. Read more here.

Third-Party Risk Management GRC
Blogs
The Simple Way to Combat Phishing

SureCloud Cybersecurity Practice Director Luke Potter shares his tip to stay ahead of attackers phishing for your downfall.

Penetration Testing
Blogs
See Yourself in Cyber With Janhavi Deshpande

See Yourself in Cyber With Janhavi Deshpande - SureCloud

Cyber Security
Vector (7)
Vector-1
Cyber Security

SureCloud's Cyber Credentials

SureCloud's Cyber Credentials
Written by

Isadora Gregori

Published on

12 Dec 2019

SureCloud's Cyber Credentials

 
 

SureCloud’s accreditations make it the best GRC software and service provider for our clients.

Find out what each accreditation means in this round-up.

CREST STAR & Membership

SureCloud has been accredited to provide Simulated Target Attack and Response (STAR) Intelligence-Led Penetration Testing services by the not-for-profit accreditation body, CREST, which represents the technical information security market.

To meet CREST’s stringent requirements to secure STAR service provider status, SureCloud had to demonstrate its robust methodologies and sophisticated capabilities relating to the latest vulnerabilities and cyber crime techniques, as well as meeting government and risk management requirements.

CREST provides organisations wishing to buy penetration testing services, threat intelligence or incident response services, with confidence that the work will be carried out by qualified individuals with up-to-date knowledge, skill, and competence of the latest vulnerabilities and techniques used by real attackers. CREST member organisations have demonstrated a level of assurance of processes and procedures and validated the competence of their technical security staff.

SureCloud’s Vulnerability Assessment Services accredited by CREST

CREST, the international accreditation and certification body for the technical information security market, has recently introduced a Vulnerability Assessment (VA) accreditation, to eliminate confusion in the buying community between VA and penetration testing. Because SureCloud’s Vulnerability Services are managed – that is, a qualified consultant runs the tool and interprets the output for each scan – we  meet the requirements of the new accreditation from the outset.

ISF Member

The ISF is the world’s leading authority on cyber, information security and risk management. As a member, we have access to a comprehensive library of research reports, which includes risk analysis and continuous benchmark tools and methodologies. It’s an exclusive organisation where members can collaborate, share any challenges and develop solutions with their global peers, as well as learn about the latest security issues from industry experts.

CHECK

The CHECK scheme enables penetration testing by NCSC approved companies, employing penetration testing personnel qualified to assess IT systems for the Government and other public sector bodies. To become a CHECK company, you must apply and be approved by the assessment panel. This requires you to meet a strict set of requirements, which includes personnel holding SC clearance, passing annual examinations and providing evidence of penetration testing experience.

PCI Approved Scanning Vendor

The PCI Security Standards Council maintains a structured process for security solution providers to become Approved Scanning Vendors (ASVs), as well as to be re-approved each year. The five founding members of the Council recognize the ASVs certified by the PCI Security Standards Council as being qualified to validate adherence to the PCI DSS by performing vulnerability scans of Internet facing environments of merchants and service providers.

Cyber Essentials Plus

Cyber Essentials Plus certified organisations have a clear picture of their organisation’s cyber security level and have been verified by independent experts as demonstrating they have the cyber security measures in place to protect against an attack. Affiliates must comply with the requirements of the scheme, which center on five technical control themes: firewalls, secure configuration, user access control, malware protection and patch management.

SureCloud Wins Awards for Pentest-as-a-Service©

On May 16th 2019, SureCloud won the award at the DCS Awards, Grange St Paul’s Hotel, in London. The award was for Cloud Project of the Year presented by Philip Alsop, Editor Digitalisation World. This award was based on our Pentest-as-a-Service offering hosted on our cloud-based platform for Equiom Group.

Pentest-as-a-Service nominated – Computing Security Awards 2018

The prestigious awards recognise individuals, organisations, and products that are best-of-breed, working tirelessly to keep customers’ operations safe, productive and always ahead of the game. Computing Security Awards announced SureCloud as part of the 2018 nominees. We are proud to say that our Pentest-as-a-Service offering was shortlisted for “Pen Testing Solution of the Year” 2018.

For more information on our accreditations, or to find out more about our recent awards, email services@surecloud.com 

 

To find out which SureCloud offering would be the best GRC software solution for you, take a look at our full list of capabilities.