Context is a member of CREST, which was created in response to the need for regulated and professional security testers to serve the global information security marketplace. CREST is a standards-based organization for penetration test suppliers incorporating a best practice technical certification program for individual consultants. Additionally CREST provides its members with a framework of guidance including standards, methodologies and recommendations aimed at ensuring the very highest standards of leading-edge security testing.
Context is qualified to provide CREST Simulated Target Attack and Response (STAR) services. The assessments are primarily threat intelligence-led penetration tests and are considered to be the most realistic form of assurance service within the sector. STAR assessments allow Context to identify weaknesses that go beyond the technical vulnerabilities typically found in a penetration test, and to assess an organization’s overall capability to prevent, detect, and respond to a compromise.
Context is furthermore CREST accredited for the supply of Simulated Targeted Attack (STAR) Threat Intelligence services.
Bank of England's CBEST scheme
Context is proud to be one of the first adopters of the CBEST scheme. The Bank of England (BoE) developed CBEST as a framework to deliver controlled, bespoke, intelligence-led cyber security tests. These tests replicate the behaviors of those threat actors, assessed by Government and commercial intelligence providers as posing a genuine threat to systemically important financial institutions. CBEST is the first initiative of its type to be led by any of the world’s central banks.
ISO9001:2015: Context’s Quality Management System (QMS) is certified by BSI to the international standard ISO9001:2015. ISO9001 is a globally recognized standard for the quality management of businesses and is used by Context to measure the effectiveness of all business processes and procedures used to provide quality and consistency in all of our services and products. Our QMS is also used to ensure our products / services continually improve, remain appropriate and continue to meet our clients’ requirements. The scope of our QMS includes all places of business and our certification includes London, Cheltenham, Essen and Melbourne.
ISO27001:2013: ISO27001:2013 is an international standard used to specify the requirements of an Information Security Management System (ISMS). It is designed to ensure that companies or organizations select and deploy adequate and proportionate security controls. Its scope includes full assessment of existing security policies and procedures and the establishment of a process for continuous improvement of those policies and procedures. The scope of our ISMS includes all places of business and our certification includes London, Cheltenham, Essen and Melbourne.