Nettitude is an approved provider of STAR threat intelligence and testing services. CREST has launched the STAR (Simulated Target Attack & Response) programme to cater for the growing requirement to combine threat intelligence with penetration testing services. CREST recognises that there are varying levels of sophistication in threat actors. As a consequence, for organisations that want to maximise the level of sophistication associated with their security tests, a STAR-based security assessment is recommended.
CBEST & STAR Threat Intelligence
CBEST and STAR have been built around the starting point of understanding who the potential real threat actors are against your organisation. If you can identify the credible, likely threat actors and understand their typical approach, tools, tactics, techniques and procedures, this can then be used as a basis for building and simulating focused real-world attacks. The threat data is used to define a number of scenarios that the penetration testing team will then build and simulate.
STAR/CBEST threat intelligence providers are required to go through additional levels of assurance to deliver intelligence-led security assessments. As well as having a revised code of conduct and more rigorous company requirements, STAR threat intelligence companies demonstrate their capabilities and methodologies for data collection in line with strict ethical and legal obligations.
Data to build out threat intelligence is collected from a wide variety of sources, including our in-house developed global platforms and bespoke sensors, commercial feeds from our partners, and open source data. We deliver intelligence that is technical, strategic and targeted in nature. This data can be used by an organisation to understand who their threat actors are and what attack vectors they are known to be operating within. By understanding what threats it may be facing, an organisation can prepare a series of countermeasures to mitigate these risks.
CBEST & STAR Penetration Testing
To deliver CBEST tests, penetration testing organisations are required to work closely with threat intelligence providers. The threat data is used by the penetration testing company to tailor the assessment in line with the threats that the financial services organisation faces. As a consequence, this provides the closest simulation of threat that a penetration testing organisation can deliver.
STAR/CBEST penetration testing providers are required to go through additional levels of assurance to deliver intelligence-led security assessments. As well as having a revised code of conduct and more rigorous company requirements, STAR penetration testers are also required to undertake additional levels of technical and operational assessment. These assessments are designed to mirror real-life scenarios, with attack scenarios being consistent with many modern-day APTs (Advanced Persistent Threats).
The ability to customise the testing approach and use bespoke malware implants and simulations that reflect the real threats faced by your organisation significantly increases the value of this type of testing.
A robust analysis of the monitoring and detection, after the scenarios have been played out, provides you with an assurance level and a roadmap to address any concerns raised.