SecQuest - a NCSC Assured Service Provider

SecQuest - a NCSC Assured Service Provider

Speciality: Network Security Assessment

United Kingdom 14 employees
Visit Website View on LinkedIn
[01] About

UK-based cybersecurity consultancy specializing in penetration testing and security assessments; offers CHECK & CREST services with a team of 9 employees; founded in 2012; provides network, application, and infrastructure security testing, with 7,422 monthly website visits and a global rank of 2,835,237.

SecQuest offers specialised CHECK & CREST Cyber Security services to safeguard businesses against digital and physical threats. With a highly experienced team, SecQuest is committed to enhancing information protection, system security, and operational risk reduction for clients worldwide. We offer commercially smart pricing models providing excellent ROI. We are consultants who have previously worked in IBM's X-Force security team and are technical specialists with a great depth of understanding in penetration testing and network controls' circumvention techniques. SecQuest can be trusted to deliver a commercially smart service which will exceed our client's expectations in terms of quality of service and delivery. Established in 2012, SecQuest Information Security Ltd provides Cyber Security Services and is authorised by the NCSC to test against Government and Critical National Infrastructure (CNI) environments under the CHECK Scheme. All practitioners hold UK Government security clearance (SC) and are certified to deliver Penetration Testing Services. We look forward to supporting your security assurance requirements and collaborating as a trusted advisor to provide commercially smart and timely risk management within the infrastructure, networks and applications supporting your business. SecQuest holds ISO 27001, Cyber Essentials (CE+) to confirm the appropriate security management of all information. Plus, our quality client services are delivered within an ISO 9001 accredited framework. SecQuest is a CREST company. We are a Crown Commercial supplier and actively support NCSC's Cyber First programme.
[02] Services
Penetration Testing
Network Security Assessment
Application Security Assessment
Internal Network Infrastructure Assessment
Cyber Essentials Certification
[03] Certifications
NCSC CHECK
CREST

CREST Cybersecurity Certification


Origin


CREST (Council of Registered Ethical Security Testers) was established in 2006 in the United Kingdom by a group of cybersecurity professionals and industry representatives. It was created to address the growing need for standardized, recognized qualifications in penetration testing and cybersecurity services. The organization emerged from concerns about the quality and professionalism of security testing services, aiming to provide a framework that would certify both individual practitioners and the companies that employ them.


Industry Value


CREST certifications are highly valued in the cybersecurity industry because they demonstrate a practitioner's technical competence and adherence to professional ethical standards. Many government agencies, financial institutions, and large corporations specifically require CREST-certified professionals when procuring penetration testing or security assessment services. The certification provides assurance to employers and clients that certified individuals have been independently verified to possess the necessary skills and knowledge, and that they follow established codes of conduct. This makes CREST credentials particularly important for cybersecurity professionals working in regulated industries or seeking to work with organizations that have stringent security requirements.
Cyber Essentials Plus

Cyber Essentials Plus


Origin


Cyber Essentials Plus was created by the UK Government in 2014 in collaboration with the National Cyber Security Centre (NCSC), which is part of GCHQ. The scheme was developed in response to the growing threat of cyber attacks against UK businesses and organizations. It was designed to help organizations of all sizes implement basic cybersecurity controls to protect against the most common internet-based cyber threats, with the "Plus" variant including hands-on technical verification by qualified assessors.


Industry Value


Cyber Essentials Plus is highly valued because it provides verified assurance that an organization has implemented fundamental cybersecurity controls effectively. Unlike the standard Cyber Essentials self-assessment, the Plus certification requires external testing and vulnerability scanning, making it more rigorous and credible. It's increasingly required for UK government contracts involving sensitive information and is recognized by insurance providers, clients, and partners as evidence of a serious commitment to cybersecurity. The certification helps organizations demonstrate due diligence, reduce cyber risk, and differentiate themselves in competitive bidding situations.
ISO

ISO 27001 Cybersecurity Certification


ISO/IEC 27001 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), first published in 2005 and revised in 2013 and 2022. It evolved from the British Standard BS 7799, which was created in the 1990s by the UK government and industry to address growing concerns about information security management. The standard was developed to provide organizations with a systematic framework for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS).


ISO 27001 is highly valued in the industry because it demonstrates an organization's commitment to protecting sensitive information through internationally recognized best practices. The certification provides a competitive advantage, often serving as a requirement for doing business with government agencies and large corporations, particularly in sectors handling sensitive data. It helps organizations systematically identify security risks, implement appropriate controls, and prove due diligence in managing information security—which is increasingly important for regulatory compliance, customer trust, and reducing the likelihood of costly data breaches.