Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Access the smarter, faster technology needed to make the most of your hybrid working future.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » Penetration Testing: What’s the Difference Between CHECK and CREST?
AI, BCP, CISO, DDoS, DMZ, GRC, MFA, SIEM, VPN… Where there’s cyber, there’s abbreviations. What is helpful shorthand for those in the know can be intimidatingly opaque for anyone starting to dip their toes into the world of cyber security.
Two abbreviations you may have heard are CHECK and CREST – especially if you’re looking into running penetration testing at your organisation. In this blog we’ll explain the difference between CHECK and CREST, and why they’re both important things to look out for when selecting a penetration testing provider.
CHECK is a scheme managed by the National Cyber Security Centre (NCSC), under which companies approved by the NCSC can conduct authorised penetration tests on public sector and critical national infrastructure (CNI) systems and networks. The NCSC was launched in October 2016 and exists to help make the UK the safest place to live and work online.
Six Degrees is a CHECK Service Provider, which means we carry out penetration tests using NCSC recognised methods and produce the resultant reports and recommendations to recognised standards.
CHECK Service Providers must also employ at least one CHECK Team Leader. CHECK Team Leaders and CHECK Team Members must undertake rigorous exams to ensure they have the technical competence needed to meet the NCSC’s requirements.
CREST is an international not-for-profit membership body that represents the global cyber security industry. To qualify for the NCSC CHECK scheme, penetration testing providers need to employ individuals who hold at least one of two qualifications. One of these is CREST Certified level in penetration testing, which sets a benchmark for senior professionals.
CREST also accredits penetration testing providers, who must demonstrate high levels of cyber security qualifications by maintaining a number of certifications in their teams. They also have to meet compliance standards including quality standards like the ISO 27000 family and Cyber Essentials, and hold a high level of liability insurance.
You’ve probably guessed it, but Six Degrees is a CREST member. We have gone through rigorous accreditation processes covering the policies, processes, and competencies we have in place for delivery of our services – giving assurance that our penetration testing services really are best in class.
So what’s the difference between CHECK and CREST? Well, one’s a scheme and one’s a membership body. But they’re related, and you really should know about them if you’re looking to engage with a penetration testing provider.
Six Degrees’ Penetration Testing services are performed by certificated, qualified and experienced in-house testers, who deliver expert manual penetration testing complemented by comprehensive recommendations and reports. And unlike many, we can help you resolve any vulnerabilities our testers find and implement a plan to elevate your organisation’s entire cyber security posture. Get in touch if you’d like to find out more about how we can support you.
Last week Six Degrees held its first ever…
10 Microsoft Teams Hacks that will Improve Your…
Phishing and Ransomware Survival Guide 2023 In the…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.
