CREST STAR Assessments

Contact Form

ProCheckUp is an approved provider of CREST STAR services.

STAR (Simulated Target Attack and Response) is a new, intelligence-led, vulnerability testing framework devised to replicate the behaviours of a real-world threat against individual clients. The testing framework has been designed to provide a bespoke assessment service, tailoring the assessment to replicate the specific threats faced by an organisation.

STAR has been created for non-financial organisations, using the same methodology as CBEST assessments, while managing the risks of a simulated attack exercise. STAR can be used by financial organisations to prepare for a CBEST assessment. STAR providers have to go through additional levels of assurance, and work with threat intelligence providers to provide intelligence led security assessments.

ProCheckUp has formed a partnership with Digital Shadows; a threat intelligence provider. For each STAR engagement, Digital Shadows will provide ProCheckUp with a customised threat intelligence report identifying the key threats facing your organisation. The threat intelligence report is used by ProCheckUp to develop a tailored testing strategy to focus the security assessment and replicate the threats facing your business.

ProCheckUp STAR testing delivers a customised testing experience simulating the threat posed by current threat actors and Advanced Persistent Threats (APTs) to replicate the most realistic attack scenarios and deliver a comprehensive evaluation of your current threat exposure.

ProCheckUp Engagement lifecycle

Procheckup utilises a standard engagement model for all engagements which is defined below: -

Offering - Activities that take place before the execution of a consultancy assignment:

Pre-sales and identification of client needs;
Creation of an agreement, typically covering: - Context of the work - Services and deliverables - Approach and work plan - Roles and responsibilities.

Execution - Delivery of the services agreed at the offering stage to satisfy the client:

Refining the work plan;
Implementing the agreed work plan;
Assignment of staff, management and mentoring;
Approval and acceptance.

Closure - Activities that take place at the end of a consultancy assignment:

Final client evaluation and agreement that the service has been delivered;
Conclusion of obligations;
Finalising payment;
Any subsequent improvements to the service.

Please contact us for more information on how ProCheckUp STAR testing can help you.

Penetration Testing And Security Audit

Application Testing

Breakout testing

Build and Configuration Reviews

Build Reviews

Cloud and Virtualisation Testing

Confirmation - request a call back

Device Testing/IOT testing

Infrastructure Testing

IoT Security Reviews

Laptop and Mobile Device Security Reviews

Managed Scanning Service

Mobile Application Testing

NCSC IT Health Checks

Penetration Testing

Processes

Red Teaming

Social Engineering

Supply Chain Testing

Vulnerability Assessment

Wireless Testing

Wireless Testing - New!

Security Risk: Understanding, Assessing, and Mitigating Threats

Architecture Security Review

Data Discovery

External Internet Discovery

Internal Network Discovery

Mergers and Acquisitions

Onsite/Remote Security Manager

Open Source Intelligence Gathering

Physical Security Audit

Segmentation Testing

Targeted Attack Resistance Assessment

Virtual CISO

Training And Knowledge Transfer

Forensic First Responder (FFR)

Compliance & Advisory

CREST STAR Assessments

Cyber Assurance

Cyber Essentials Plus

Cyber Maturity Assessment

Data Protection Impact Assessments (DPIA)

General Data Protection Regulation (GDPR)

GovAssure

ISO 27001 Compliance

PCI ASV

PCI Data Security Standards

PCI FAQ

PCI QSA

PECR

PSN Compliance (ITHC) Testing

Training Services

Transitioning to PCI-DSS Version 4.0:

Incident Response And Forensics

Breach Impact Assessments

edisclosure / eDiscovery

Expert Witness

Forensics

Forensics Readiness Plan

Gold Teaming

Incident Response

Incident Response Retainer

Intrusion Analysis

Malware Reverse Engineering

Technical Services Counter Measures (TSCM)

CREST STAR Assessments

ProCheckUp Engagement lifecycle

Need Help?

Our Services

Penetration Testing And Security Audit

Security Risk: Understanding, Assessing, and Mitigating Threats

Training And Knowledge Transfer

Compliance & Advisory

Incident Response And Forensics

Keep up to date!

ACCREDITATIONS

Read ProCheckUp’s 'GDPR Bytes' article

BSides London conference 2016