We take our security certifications seriously.
So should you.

We prioritise our security accreditations and certifications, considering them integral to our business. We dedicate resources to uphold and update them, staying informed about evolving trends to ensure your security.

Our Certifications and Accreditations

We invest in security certifications for a good reason - your security.

CREST icon

CREST Certified

We invest in certification from the Council of Registered Ethical Security Testers - the primary not-for-profit accreditation body for the cyber industry.

Cyber Essentials

Precursor are an IASME accredited Certification Body and expert in helping you achieve Cyber Essentials and Cyber Essentials Plus certification for your business.

ISO27001 Certification

We are UKAS Accredited for ISO 27001 Information Security Management Systems, reinforcing our commitment to maintaining the highest standards in information security.

Crown Service Supplier

We provide security services and products to many public sector organisations as a pre-approved supplier.

Offensive Security Certifications

Offensive security certifications are the best defence. We use the same tools and approaches as real-world attackers.

Why are certifications so important to us?

Certifications such as CREST, Cyber Essentials, UKAS, OSCP, and others, along with non-security assessments from Microsoft and AWS, are vital for instilling trust. Amidst numerous testing options and security consultants, certifications from professional bodies offer a foundation for customers to make informed decisions. For example, CREST certifications not only verify the technical proficiency of individual testers but also guarantee that accredited companies follow the highest ethical and legal standards throughout the entire penetration testing process, from scoping to reporting.

Why should certifications be important to you?

Choosing a security provider involves trust and key considerations: Can they identify vulnerabilities, report efficiently, and assist in remediation? Concerns about secure data storage, reliability, trustworthiness, and overall competence arise. Certifications like 'CREST Certified Professional' act as a reliable starting point, ensuring standards for experience and tested knowledge.

For instance, 'CREST Certified Professional' requires 10,000 hours of experience and success in industry-recognised exams, setting a high standard for your security services shortlist.

Our Certifications and Accreditations

We invest in security certifications for a good reason - your security.

Frequently Asked Questions

We don't leave any stone unturned – here are answers to our frequently asked questions...

Is it the company or the individual that holds the certifications?

So who does actually hold the certification? In many cases it’s both. To use CREST as an example, they accredit at the company level and certify the individual testers to different levels. Using a ‘CREST accredited company’ to deliver penetration testing does not mean that the person delivering your test is fully certified. Make sure you know exactly what you’re getting and who is delivering it.

What’s the difference between a certification and an accreditation?

To give you practical examples, we can look at IASME for Cyber Essentials and Cyber Essentials Plus and UKAS Information Security Management Systems Certification (ISMS) to ISO/IEC 27001. In both cases Precursor are accredited to audit and test third-party companies and issue approved certifications that they meet the required standards.

What is CREST?

CREST is an international, not-for-profit accreditation and certification body that represents and supports the technical information security market. CREST stands for “Council of Registered Ethical Security Testers”.

CREST delivers internationally recognised accreditations for organisations as well as professional level certifications for individuals in all aspects of penetration testing and cyber security.

Why is using a CREST accredited company important?

CREST certification means that Precursor at a company level has gone through a rigorous examination of our polices, processes and procedures as they relate to information handling and security. In addition, one or more of our testers - and in our case ALL of our testers - have gone through equally rigorous examinations at the individual level to assess their technical and business capabilities for testing.