ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Security threats Toolkit

Infosecurity Europe 2008

Ethical hackers get industry association

David Meyer ZDNet.co.uk

Published: 24 Apr 2008 11:09 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

An industry association has been created for ethical hackers, in a bid to reassure buyers of systems and applications that such products have been sufficiently tested.

The Council of Registered Ethical Security Testers (Crest) made its public debut on Wednesday at the Infosecurity Europe conference in London. The aim of the council is to standardise ethical penetration testing and provide professional qualifications for the testers.

Read this

Infosecurity Europe 2008: Special report

All the latest news and blogs from the security industry's biggest UK event...

Read more +

"Penetration testing is a widely accepted method of assuring information security and has become an integral part of many organisations' operational and technology risk management programs," said Crest chair Paul Docherty. "Yet despite the widespread use of penetration testing, there has historically been a definite lack of agreed commercial standards and practices. We formed Crest with a number of other providers in order to supply a high level of standard to companies who engage with security testers."

Crest's advisory panel includes representatives from insurance group Aviva, Lloyds TSB and the NHS. Aviva's David King said the organisation would "provide an industry standard to allow the purchasing community to have confidence [in the products they are buying]".

Member companies are part of the new Crest trade body, which will govern the Crest professional body that provides for individuals who are not employed by the member companies, in areas such as exams.

Crest is running certification examinations in two streams: infrastructure testing and web-application testing. Testers can either apply for certification at the corporate level, which costs £7,000, or on a standalone level as a "Crest associate", which will cost them £1,600 to sit the exam.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell
Infosecurity Europe 2008

Did you find this article useful?
4 out of 4 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats



More in this Special Report

Blog: Social networking and portability

Blog: Social networking and portability

One of the more interesting speakers at Infosec's "Locking Down Social Networking Vulnerabilities" event today was Giles Hogben of the European Network and Information Security Agency (ENISA) more

ICO: Data-protection spot checks due this year

ICO: Data-protection spot checks due this year

The information commissioner has confirmed that his office will be getting new powers to carry out spot checks on any company in the UK holding data on individuals more

Infosecurity Europe 2008: Preview

Infosecurity Europe 2008: Preview

Over 11,000 delegates and 320 exhibitors will attend one of Europe's largest IT security shows on Tuesday at London's Olympia conference centre more

Security breaches down, says IT security report

Security breaches down, says IT security report

The latest Information Security Breaches Survey has reported that while the number of security breaches has fallen in the past two years, the average spend on defences has increased more

Facebook admits to increased attacks by spammers

Facebook admits to increased attacks by spammers

The social-networking site has come under increased attack by spammers and phishers this year, according to its head of security more

Security industry gears up for biggest UK event

Security industry gears up for biggest UK event

Infosecurity Europe 2008 is underway in London and will include keynotes and product demos from the some of the leading organisations in IT security more

Vendors urged to take responsibility for security

Vendors urged to take responsibility for security

When it comes to the security of hardware and software, suppliers should be put on the spot, argue experts at Infosecurity Europe 2008 more

Media lobbying 'watered down' data-misuse laws

Media lobbying 'watered down' data-misuse laws

As a result of media lobbying, the information commissioner says another serious data breach will need to occur before prison sentences for data misuse are imposed more

HMRC data loss blamed on targets

HMRC data loss blamed on targets

Merlin, Lord Erroll, believes targets and budgets rather than individuals should be blamed for the loss of 25 million UK citizens' confidential records last year more

Former White House adviser talks mobile threats

Former White House adviser talks mobile threats

Security strategist Howard A Schmidt discusses whether mobile attacks are overhyped and what new risks have been introduced by virtualisation more

Security expert voices virtualisation concerns

Security expert voices virtualisation concerns

Mikko Hyppönen, chief research officer for security specialist F-Secure, claims virtualisation technology will have its own specific security threats more

Lord: No proof any data was lost from HMRC

Lord: No proof any data was lost from HMRC

Security expert Merlin, The Earl of Erroll, claims no evidence has come to light to prove data was actually lost in last year's HMRC missing-disc incident more

Company/Topic Alerts

Create a new alert from the list below:





Related Jobs

Internet Operations Analysts

Penetration testing (e.g.preventing hackers accessing critical systems and information) An interest in internet technology is of course essential. ...

Senior Application Architect

Skills Description: Mandatory Skills:- Technical: Integration architect - The design and development of solutions to integrate package and custom ...

NHS - Procurement/Purchasing/Sourcing - Contract - Midlands - Apply!

An NHS organisation is looking to fill an interim position, with someone with the following skills: - Excellent stakeholder management and ...

Featured Talkback

What was achieved there is recognised to be of fundamental importance to both winning the war (Churchill visited to say 'thank you' to them) and the development of the computer. Maybe Bill Gates doesn't want to support this museum because it underlines where electronic computing started i.e. here, not the U.S.

By: 1000103773

Read full story:
Bletchley Park faces bleak future

Sentry Posts Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Skype - The Roach Motel

Here is an interesting article from The National Business Review, pointing out once again that you can never delete a Skype account. Never. Period. This is something I am familiar... More

Post a comment

The vPhone: Why Visa Should Go Mobile

The vPhone: Why Visa Should Go Mobile Author: Eric Everson, Founder MyMobiSafe.com With all of the success of Apple’s iPhone, there is a growing case to support a company like Visa... More

Post a comment

Featured Oracle Resources

businessfirst: Ideas to help small companies retain their successful entrepreneurial spirit

Oracle ONE Magazine: Technology solutions for midsized businesses February 2008 edition

Choosing a Reliable and Powerful IT Infrastructure at a Price You Can Afford

Database Consolidation: Reducing Cost and Complexity

Ensuring Data Protection for Growing Business

Oracle for medium and emerging businesses: protect, strengthen and enhance your organisation

Oracle partner network solutions catalogue

See All White Papers