We are excited to announce that we have achieved the globally recognised CREST accreditation, demonstrating our skill and competence in penetration testing.

CREST approved

Pen testing that’s CREST-approved

Our new accreditation shows our commitment to providing clients with the highest standard of CREST approved cyber security solutions. 

Membership is awarded to organisations with a demonstrable level of proficiency when it comes to penetration testing procedures. It ensures that companies have mature processes in place to deliver high quality professional services. 

To achieve this accreditation, we underwent a rigorous assessment of our business processes and testing methodologies. The main areas of assessment are: 

  • Company operating procedures and standards  
  • Personnel security and development  
  • Approach to testing and response
  • Data security

As an award-winning MSSP (Managed Security Service Provider), this is a significant achievement for our expert team and means we are now accredited at the highest level when it comes to pen testing.


What does being ‘CREST approved’ mean for clients?

Cyber security is increasingly becoming a priority for businesses and penetration testing is a legal requirement for many. But, when looking for a provider, many find it hard to know who to trust with such an important task. 

CREST sets the industry benchmark for security testing. Its aim is to ensure that buyers are in a position to procure services from a company with trusted, experienced technical staff. 

So, you can rest assured that as a member of CREST, Air IT has been assessed and deemed fit for purpose in all the necessary policies, processes and procedures. 

This means that we can provide our clients with the highest quality of ethical security testing, approved by the top industry regulator. 


Lee Johnson, Chief Technology Officer at Air IT, said:

“The latest government Cyber Security Breaches Survey found that 68% of SMEs were hit by a cyberattack last year, and cybercriminals are using the pandemic to their advantage by targeting businesses that are unprepared for the security issues associated with remote working. 

We are committed to protecting businesses from cybercrime and are proud to be accredited members of CREST, the leading organisation for cyber security experts. It is testament to the talent and dedication of our team, who have proven their expertise after an in-depth audit of the company’s internal processes in addition to their individual qualifications.” 


What is penetration testing? 

Also known as pen testing, this specialist security protocol is carried out by qualified experts who ethically simulate the latest hacking techniques used by cybercriminals in the real world, testing businesses’ cyber defences and uncovering any weaknesses that could be exploited. 

Penetration testing is an essential tool for proactively analysing and improving IT systems. It is a legal requirement for businesses that need to comply with PCI regulations, and is recommended for ISO 270001. 


What is CREST? 

CREST is a not-for-profit accreditation and certification body representing the technical information security industry. They award internationally recognised accreditations to organisations delivering technical security services, as well as professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. 

CREST approved member companies are subject to regular, stringent assessments, whilst CREST-certified individuals undertake thorough examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure the upkeep of knowledge in such a fastchanging industry, the assessment process is repeated every three years. 


Ian Glover, President of CREST, said: 

“Recognising the vital role of penetration testing for its growing public and private sector client base, Air IT is now able to give customers the added reassurance that its services meet the very highest standards, by successfully going through the CREST accreditation process. As well as a rigorous assessment of its business processes, data security and testing methodologies, Air IT has built a team of qualified, CREST-certified penetration testers to carry out this highly-skilled and sensitive work.” 


CREST approved cyber security services

Air IT is a CREST approved, full-service Managed Service Provider offering award-winning managed IT services to clients across the UK. We launched our specialist cyber security division in 2017helping SMEs to protect their data, educate employees and minimise the risk of cyberattacks. 

Have you taken the necessary steps to protect your business from the latest cyber threats? Air IT’s managed security services include penetration testing, SOC as a Service, user awareness training and more. We’re the cyber security partner your business can trust – please don’t hesitate to get in touch to find out more.