Node4 now CREST Certified for Penetration Testing Services


Node4 has announced that CREST has certified the company as a global CREST penetration testing service provider. This certification affirms Node4’s expertise to conduct penetration testing for its customers, with the company also being Cyber Essentials and ISO27001 certified.

CREST provides an internationally recognised certification for companies providing Penetration testing, cyber incident response, and threat intelligence services. All CREST member companies undergo stringent assessment and rigorous professional-level examinations to demonstrate knowledge, skill and competence, giving customers confidence that the work will be carried out by qualified individuals equipped with the latest knowledge, expertise and competence to tackle vulnerabilities and techniques used by attackers.

“We are extremely proud to receive this certification from CREST,” commented Steve Nice, Chief Security Technologist at Node4.

“Penetration testing is the most critical component for any comprehensive IT security practice. For us, being part of the CREST community is one of the hallmarks that embodies security best practice. It’s reassurance for our customers that we can protect them from even the most sophisticated cyber threats.”

node4 crest certification - RapidGator - Node4 now CREST Certified for Penetration Testing Services

Working alongside the Bank of England (BoE), government and industry, CREST developed a framework to deliver controlled, bespoke, intelligence-led cyber security tests. STAR (Simulated Targeted Attack and Response) incorporates penetration testing and threat intelligence services to accurately replicate threats to critical assets.

The STAR tests use Threat Intelligence to deliver these attack simulations to provide assurance that organisations have appropriate countermeasures and responses to detect and prevent cyber attack. The STAR scheme is a prerequisite for membership of the BoE CBEST scheme, used to provide assurance to the most critical parts of the UK’s financial services.

For those organisations that have experienced a cyber security incident, or are trying to reduce the likelihood or severity of such an attack, CREST has introduced a scheme based on company assessment and professional qualifications which has been endorsed by GCHQ and CPNI.

The CREST Cyber Security Incident Response scheme focuses on appropriate standards for incident response aligned to demand from all sectors of industry, the wider public sector and academia. Companies included in this scheme have demonstrated that they have effective policies, processes and procedures in place to help organisations plan for, manage and recover from significant cyber security related incidents.

node4 crest certification - amzbiz 50 - Node4 now CREST Certified for Penetration Testing Services

These companies will also have access to professionally qualified staff in intrusion analysis and reverse engineering.

Penetration testing, STAR, SOC and cyber incident response services provided under CREST are also supported by comprehensive codes of conduct for both the company and individual. These codes are used to ensure the quality of the services provided, the integrity of the companies and individuals and adherence to audited policies, processes and procedures. This provides a significant level of protection for any organisation procuring these types of services.

Ian Glover, president of CREST commented,

“Congratulations to Node4 for achieving the certification – it’s not easy to go through the rigorous assessment required to become a CREST member that examines test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders, as well as how test data security is maintained,”

node4 crest certification - amzbiz 50 - Node4 now CREST Certified for Penetration Testing Services

“We are pleased to welcome Node4 as a CREST member and recognise that the company will consistently deliver the highest professional security services standards to its customers while delivering its business and brand objectives.”

Rapid Mobile uses cookies, tokens, and other third party scripts to recognise visitors of our sites and services, remember your settings and privacy choices, and - depending on your settings and privacy choices - enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.


By continuing to use our site or clicking Agree, you agree that Rapid Mobile and our key partners may collect data and use cookies for personalised ads and other purposes, as described more fully in our privacy policy.


You can change your settings at any time by clicking Manage Settings or by visiting our Privacy Centre for more detailed information.


Privacy Settings saved!
Cookie Services

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

These cookies are necessary for the website to function and enable essential services and functonality, including identify verification, service continuity and site security. Opt out is not availabe.

Essential Session management cookies for logged in users
  • wordpress_test_cookie
  • wordpress_logged_in_
  • wordpress_sec

For perfomance reasons we use Cloudflare as a CDN network. This saves a cookie "__cfduid" to apply security settings on a per-client basis. This cookie is strictly necessary for Cloudflare's security features and cannot be turned off.
  • __cfduid

Used by Spamshield to stop spam signups
  • _wpss_h_
  • _wpss_p_

NewsWire Service
  • BIGipServerwidget2_www_http

Decline all Services
Accept all Services