SecAlliance is a member of CREST, a not-for-profit organisation that serves the needs of a technical information security marketplace that requires the services of a regulated professional services industry. CREST provides organisations wishing to buy penetration testing and information security assurance services with confidence that the work will be carried out by qualified individuals with up to date knowledge, skill and competence.
Achieving certification in 2010, SecAlliance brings a unique proposition by combining the services of six other CREST member companies. As a result we are able to draw upon a large pool of proficient resources to provide you with a full range of relevant and scalable services.
Working alongside the Bank of England, government and industry, CREST has developed a framework to deliver controlled, bespoke, intelligence-led cyber security tests. STAR (Simulated Target Attack and Response) incorporates penetration testing and threat intelligence services to accurately replicate threats to critical assets.
SecAlliance gained accreditation as a CREST STAR Threat Intelligence provider in July 2015.
STAR-FS is a framework for intelligence-led penetration testing focusing on the financial sector.
It has been has been created with exactly the same principles in mind as CREST STAR, except it is designed to be applied to financial services organisations without geographic constraint, outside the remit of CBEST and with limited involvement from the regulator. SecAlliance has gained accreditation to deliver STAR-FS assessments in 2020 as one of the first providers.
The CBEST scheme was created, developed and is run by the Bank of England. CBEST provides a structured and controlled framework for intelligence-led security testing within the financial sector.
Owing to the criticality of the functions and systems within the scope of CBEST, and the level of stability and security required, only organisations assessed and accredited by the Bank of England are permitted to provide CBEST services.
SecAlliance is certified as compliant to ISO 9001 and is committed to the international standard. This standard requires organisations to have a quality management system in place to ensure consistency and improvement of service, leading to high levels of performance and client satisfaction. Certified organisations need to demonstrate continuous improvement and are assessed annually to ensure progress is being maintained.
This accreditation demonstrates another level of assurance that SecAlliance is a reliable, quality driven organisation.
SecAlliance is certified as compliant to ISO 27001. The standard validates our commitment to maintaining the highest standards of quality and information security management across all of the services we provide to you. ISO 27001 sets out how an organisation should approach its information security management project and specifies the essential components.
Recognised internationally, achieving certification provides credibility for those claiming their client’s information is secure.
The Cyber Essentials scheme is a cyber security standard that organisations can be assessed and certified against. It identifies the security controls that an organisation must have in place within their IT systems in order to have confidence that they're addressing cyber security effectively and mitigating the risk from Internet-borne threats, at a basic level.
The scheme focuses on five essential mitigation strategies within the context of the 10 Steps to Cyber Security guide. It provides organisations with clear guidance on implementation as well as offering independent certification. Upon certification, an organisation can demonstrate to their customers that they have certain cyber security controls in place.
The G-Cloud framework is an agreement between the government and suppliers who provide cloud-based services. G-Cloud services are divided into 3 categories, or 'lots': Cloud Hosting, Cloud Software and Cloud Support.
For G-Cloud, SecAlliance offers the ThreatMatch Threat Intelligence Portal as the core deliverable through Lot 2: Cloud Software.
Digital Outcomes and Specialists helps the public sector buy, design, build and deliver digital outcomes and specialist services via crown commercial services