SureCloud, a supplier of Cloud-based Governance, Risk and Compliance (GRC) solutions and security services, today announced its formal membership of CREST, a not-for-profit accreditation body that represents the technical information security industry.
Becoming a member of CREST adds further credibility to SureCloud’s Penetration Testing services which have been CESG CHECK approved since 2009. SureCloud was also recently re-certified by the Payment Card Industry Security Standards Council (PCI SSC) as a PCI Approved Scanning Vendor (PCI ASV) for the 8th year running.
CREST provides buyers of technical information security services with accredited professional services specialists that have all signed up to a strict and enforceable code of conduct.
Organisations purchasing penetration testing services from CREST member organisations can be confident that work will be carried out by competent experts with up to date skills and knowledge relating to the latest vulnerabilities and techniques used by attackers. The CREST scheme also assures that member organisations have suitable policies, processes and procedures to deliver Security Testing as well as to safeguard client information.
Since 2006 SureCloud has taken an innovative approach to delivering security testing by providing clients with the ability to manage test outputs via the Vulnerability Management application within the SureCloud Platform as well as delivering traditional penetration reports.
The SureCloud Platform can also provide clients with other functionality including Event Management, Vulnerability Scanning as well as help to automate spreadsheet-based GRC processes.
SureCloud is a provider of Gartner recognised GRC software and CREST accredited Cyber Security & Risk Advisory services. Whether buying products or services your organisation would benefit from automated workflows and insight from the award-winning SureCloud platform. All of SureCloud’s service offerings are fully compatible with the GRC suite of products enabling seamless integration of information, taking your risk programmes to the next level.