BreachLock is CREST Pen Test Certified

BreachLock is thrilled to announce that we are a CREST Penetration Testing Service Provider.

What is CREST?

CREST is a not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognized accreditations for organizations that deliver technical security services. It also provides professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence and security operations center (SOC) services.

CREST membership requirements are designed to maintain a standard of excellence for vendors and individuals across the penetration testing community.

Why did BreachLock get certified?

BreachLock was built on a foundation of excellence. Since the beginning, our chief goal has been to provide the best possible penetration testing solution to our customers. That was why we created penetration-testing-as-a-service (PTaaS): to combine the creativity of humans with the scalability of machines.

Our CREST certification shows our commitment to excellence. When we talk to customers, we now have an additional layer of validation and a common vocabulary for our standards. BreachLock’s number one priority is a seamless customer experience, and CREST demonstrates that we’re in a great place to deliver that.

How does CREST choose their members?

CREST member companies must undergo regular assessments. These assessments evaluate member companies along several dimensions, including whether they can accurately scope assignments, ethically perform penetration tests, accurately use legal and regulatory frameworks, and rigorously protect customer data. To keep up with the quickly-changing security environment, CREST repeats the certification process every three years.

Why should I choose a CREST-certified pen test provider?

Choosing a pen test provider is difficult. After all, you are trusting a vendor with some of your most sensitive assets.

CREST makes the process less difficult. They perform an independent, third-party audit of member companies. When you select a CREST-certified vendor, you can feel confident that you’re using a trusted organization whose methodologies have been thoroughly vetted.

Why should I choose BreachLock?

BreachLock pioneered penetration testing-as-a-service, which upends the divide between automated and manual security testing. Automated testing involves the use of scanners and other AI-powered tools to scan for vulnerabilities, while manual testing pits human researchers against an attack surface. PTaaS combines both elements: the intelligence of human experts and the scalability of machines.

BreachLock’s penetration testing reports are structured around recommendations from bodies like OWASP and NIST. As a result, customers use the BreachLock platform to stay compliant with SOC 2, PCI DSS, ISO 27001, and HIPAA requirements.

In the short time since the company was founded, BreachLock has been named a promising cybersecurity company by CIO Review, an industry innovator by SC Media, and a top vulnerability management solution by Enterprise Security. Corporate Vision featured the company in an article highlighting the “powerful and easy to use solution.”

BreachLock is excited to join the CREST community. Contact us today to learn how we’re helping companies like SpotHero, Netlink, Cedar, SmartStream, CommerceWest Bank, and Viking Coca-Cola to secure their assets.