Kyos is now CREST accredited for its Penetration Testing services

Kyos team is proud to announce that we have successfully passed the CREST Accreditation for Penetration Testing. This accreditation allows our clients to get CREST Certified penetration testings directly from Kyos. This standard ensures clients that they can get high-quality services from Kyos and entrusted professional ethical hackers.

‘CREST is pleased to welcome Kyos SA. as an accredited member company’, said Ian Glover, president of CREST, ‘Kyos has been through a demanding assessment process that examined test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders, as well as how test data security is maintained. Awarding Kyos membership for its penetration testing services means that we are formally recognizing that the company consistently delivers the highest professional security services standards to its customers’.

In fact, CREST provides clients with a clear indication of the quality of the organization and the technical capability of staff they have access to, including:

•       Access to trusted service organizations utilizing highly skilled, knowledgeable and competent individuals
•       Procurement support
•       Industry benchmarks
•       rigorous application process for added assurance

In order to become certified, Kyos has submitted policies, processes and procedures relating to our service provision to CREST providing added assurance for our clients. These policies, processes and procedures have been assessed by CREST and have been deemed fit for purpose and include:

  • Certified individuals
  • Language capability
  • Assignment preparation & scope
  • Assignment execution
  • Technical Methodology
  • Tools & resources
  • Event analysis & response
  • Data Storage and Transmission Controls
  • Information sharing
  • Reporting
  • Deliverables
  • Post technical delivery
  • Asset/Information/Document Storage, Retention and Destruction

About CREST

CREST is a not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognized accreditations for organizations providing technical security services and professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast-changing technical security environments the certification process is repeated every three years.