SureCloudâs accreditations make it the best GRC software and service provider for our clients.
Find out what each accreditation means in this round-up.
CREST STAR & Membership
SureCloud has been accredited to provide Simulated Target Attack and Response (STAR) Intelligence-Led Penetration Testing services by the not-for-profit accreditation body, CREST, which represents the technical information security market.
To meet CRESTâs stringent requirements to secure STAR service provider status, SureCloud had to demonstrate its robust methodologies and sophisticated capabilities relating to the latest vulnerabilities and cyber crime techniques, as well as meeting government and risk management requirements.
CREST provides organisations wishing to buy penetration testing services, threat intelligence or incident response services, with confidence that the work will be carried out by qualified individuals with up-to-date knowledge, skill, and competence of the latest vulnerabilities and techniques used by real attackers. CREST member organisations have demonstrated a level of assurance of processes and procedures and validated the competence of their technical security staff.
SureCloudâs Vulnerability Assessment Services accredited by CREST
CREST, the international accreditation and certification body for the technical information security market, has recently introduced a Vulnerability Assessment (VA) accreditation, to eliminate confusion in the buying community between VA and penetration testing. Because SureCloudâs Vulnerability Services are managed â that is, a qualified consultant runs the tool and interprets the output for each scan â we meet the requirements of the new accreditation from the outset.
SureCloud Achieves a Place on DOS4
We are pleased to announce that SureCloud has been awarded a place on the Digital Outcomes and Specialists framework 4 (DOS4). This means that we are able to sell both cyber services and governance, risk and compliance (GRC) products to public sector organisations, through the framework.
The public sector uses a specialist Digital Marketplace to buy cyber and digital services. Providers of those services must apply for a place in the marketplace, by complying with the terms of the Digital Outcomes and Specialists framework.
ISF Member
The ISF is the worldâs leading authority on cyber, information security and risk management. As a member, we have access to a comprehensive library of research reports, which includes risk analysis and continuous benchmark tools and methodologies. Itâs an exclusive organisation where members can collaborate, share any challenges and develop solutions with their global peers, as well as learn about the latest security issues from industry experts.
CHECK
The CHECK scheme enables penetration testing by NCSC approved companies, employing penetration testing personnel qualified to assess IT systems for the Government and other public sector bodies. To become a CHECK company, you must apply and be approved by the assessment panel. This requires you to meet a strict set of requirements, which includes personnel holding SC clearance, passing annual examinations and providing evidence of penetration testing experience.
PCI Approved Scanning Vendor
The PCI Security Standards Council maintains a structured process for security solution providers to become Approved Scanning Vendors (ASVs), as well as to be re-approved each year. The five founding members of the Council recognize the ASVs certified by the PCI Security Standards Council as being qualified to validate adherence to the PCI DSS by performing vulnerability scans of Internet facing environments of merchants and service providers.
Cyber Essentials Plus
Cyber Essentials Plus certified organisations have a clear picture of their organisationâs cyber security level and have been verified by independent experts as demonstrating they have the cyber security measures in place to protect against an attack. Affiliates must comply with the requirements of the scheme, which center on five technical control themes: firewalls, secure configuration, user access control, malware protection and patch management.
SureCloud Wins Awards for Pentest-as-a-ServiceŠ
On May 16th 2019, SureCloud won the award at the DCS Awards, Grange St Paulâs Hotel, in London. The award was for Cloud Project of the Year presented by Philip Alsop, Editor Digitalisation World. This award was based on our Pentest-as-a-Service offering hosted on our cloud-based platform for Equiom Group.
Pentest-as-a-Service nominated â Computing Security Awards 2018
The prestigious awards recognise individuals, organisations, and products that are best-of-breed, working tirelessly to keep customersâ operations safe, productive and always ahead of the game. Computing Security Awards announced SureCloud as part of the 2018 nominees. We are proud to say that our Pentest-as-a-Service offering was shortlisted for âPen Testing Solution of the Yearâ 2018.
For more information on our accreditations, or to find out more about our recent awards, email services@surecloud.com
To find out which SureCloud offering would be the best GRC software solution for you, take a look at our full list of capabilities.