A Buyer's Guide to Procuring Penetration Testing Services


The CREST Penetration Testing Services Procurement Guide provides practical advice on the purchase and management of penetration testing services, helping you to conduct effective, value for money penetration testing.  It is designed to enable your organisation to plan for a penetration test, select an appropriate third party provider and manage all the important related activities.

The Guide presents a useful overview of the key concepts you will need to understand to conduct a well-managed penetration test, explaining what a penetration test is (and is not), outlining its’ strengths and limitations and describing why an organisation would typically choose to employ an external provider of penetration testing services.

The Guide is presented as a five stage procurement approach and then offers advice and guidance on how to:

Finally, the Guide highlights the main criteria to consider when choosing an appropriate external provider of penetration testing services.

Please click on the image to download a copy of the guide.