IOActive Awarded CREST Accreditation for its Leading Penetration Testing Services

Accreditation reinforces IOActive’s commitment to protecting its Global 1000 clients from the latest cyber threats and attacks

IOActive, Inc., provider of research-driven security services, has been awarded CREST accreditation for its penetration testing services and will join CREST as its newest member company. By achieving CREST accreditation, IOActive’s global customers are assured that IOActive’s penetration tests meet the highest standards and that the work will be carried out by highly-qualified security consultants with all of the required skill, competence, and knowledge of the latest vulnerabilities and techniques exploited by attackers.

“This CREST accreditation is incredibly valuable as we continue expanding our global base of critical infrastructure and financial services clients who utilize our penetration testing services,” said Jennifer Steffens, CEO of IOActive. “For two decades, IOActive has invested in hiring only the best and brightest penetration testers and security consultants that can provide our clients with the highest quality of security services. This CREST membership underscores our commitment to protecting our customers from the most sophisticated cyber attacks and threats.”

CREST is a not-for-profit accreditation and certification body that represents and supports the information security market. CREST accreditation is a prerequisite for suppliers to engage with many public sector and private enterprise customers, including some of the world’s largest public companies. To achieve CREST membership, IOActive went through a very demanding assessment process that examines test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders and how test data security is maintained.

“Congratulations to IOActive on its CREST membership,” said CREST President, Ian Glover. “In addition to being one of the leading penetration testing companies, the ability to work collaboratively with IOActive’s research teams will provide the opportunity to expand the understanding of how to address technical cyber security issues in complex environments, including critical national infrastructure.”

With proficiency far beyond off-the-shelf tools or remotely managed services, IOActive leverages an attacker’s perspective to identify the highest risk vulnerabilities and provide actionable recommendations for remediation. IOActive has been at the forefront of penetration testing across the full stack of technologies including: mobile applications, infrastructure, wireless, cloud environments, embedded devices and web services. Going deeper than traditional pen test companies, IOActive incorporates each industry’s unique requirements and risk factors into our methodologies and analysis to ensure the most effective testing and remediation recommendations.