2026 Hack Report: Insights from CyberCX offensive security testing → 

decor
decor

Australia’s trusted cyber security partner

CREST Penetration Testing

Secure your organisation with Penetration Testing from Australia’s largest and most experienced team of certified testing experts.

  • CREST certified Penetration Testing, tailored to your specific requirements
  • Our team of experts are independantly assessed and certified by CREST
  • CREST-led testing ensures detailed reporting and actionable recommendations
  •  Align with a globally recognised testing standard

 

Talk to a CREST accredited testing expert

CyberCX holds CREST membership as part of its assurance offering, which requires independent validation of its technical capability, governance, and staff competence. CREST assesses both the organisation and its practitioners against defined criteria covering penetration testing, threat intelligence, and incident response services. Maintaining that status involves periodic review rather than a one-off certification, so there is ongoing scrutiny of how work is planned, delivered, and quality‑checked. For clients, this gives a clear line of sight into the baseline CyberCX is held to when delivering security testing and advisory services.

In practice, working in line with CREST requirements means CyberCX applies consistent testing methodologies, keeps detailed engagement records, and handles sensitive client data under controlled processes. Reporting is expected to be evidence‑based and structured in a way that supports remediation, without overstating risk or impact. Staff performing this work are individually certified where required, which ties delivery quality to proven skill rather than internal claims alone. This approach helps ensure engagements are repeatable, findings can be relied on, and outcomes stand up to external scrutiny if needed.

Trusted cyber security partner to leading Australian organisations.

logos

cta icon

Ready to get started?

Secure your organisation with Penetration Testing from Australia’s largest and most experienced team of certified testing experts.

decor
decor

CREST Penetration Testing Services

Penetration Testing against your applications, networks and physical environment.

Web Application Penetration Testing

Web Services Penetration Testing

External Network Penetration Testing

Internal Network Penetration Testing

Mobile Application Penetration Testing

Wireless Penetration Testing

Operational Technology (OT) Penetration Testing

Social Engineering Assessment

Physical Penetration Testing

Thick Client Penetration Testing

Open Source Intelligence (OSINT) Assessment

Hardware, Embedded Systems, & IoT Penetration Testing Services

Artificial Intelligence (AI) Penetration Testing

Security Testing as a Service

Continuous Monitoring and Assurance

Endpoint Resilience Assessment

Objective Based Penetration Testing

PCI DSS Penetration Testing

Restricted Environment Breakout Testing

SAP Penetration Testing

decor

Why partner with CyberCX for CREST Penetration Testing?

CyberCX are a CREST approved organisation with unmatched Penetration Testing capabilities and a strong local presence in Australia to deliver outstanding results.

We understand every organisation faces unique challenges. That’s why we tailor our Penetration Testing services to meet your specific requirements and help you achieve your desired outcomes.

Protect your digital assets and ensure operational resilience with comprehensive testing from Australia’s largest and most experienced team of certified testing experts.

cta icon

Ready to get started?

Secure your organisation with Penetration Testing from Australia’s largest and most experienced team of certified testing experts.

decor

Our Penetration Testing methodology

Our Penetration Testing methodology is a multi-layered approach based on world’s best practice.

Reconnaissance

Detailed information is gathered about systems, business processes, information flows and the technology that supports business operations.

 

Prioritisation & planning

Armed with essential information about the existing systems, our Penetration Testing team will prioritise the most likely threats your organisation faces.

 

Exploitation

CyberCX combines the use of advanced automated technologies, together with specialist manual techniques that have been honed over years of experience.

 

Reporting & remediation

Findings are prioritised according to risk level, providing for a clear, actionable list of remediation recommendations to harden your security posture.

 

decor

Customer success story

CyberCX appealed to us because it offered an end-to-end service from scoping, review and assessment, through to reporting and any required follow up. As a very busy internal technology team, we need partners who can listen to our needs and move independently as much as possible.”

Scott Whitfield
Chief Technology Officer 
Ravensdown 

cta icon

Ready to get started?

Secure your organisation with Penetration Testing from Australia’s largest and most experienced team of certified testing experts.

CREST Penetration Testing FAQs

Have a question about CREST penetration testing not covered here?
Contact our team and we’ll be happy to help.

 

decor

CREST is an international not-for-profit, membership body representing the global cyber security industry.

Since 2006, CREST has led the cyber security community in raising the standards of cyber service providers and professionals, quality assuring the sector, and providing confidence to the buying community, government and regulators.

For the best penetration testing outcome, organisations should look for providers with recognised certifications such as CREST.

CREST certified providers have been independently assessed against rigorous professional standards and are trusted by governments, regulators and major organisations worldwide. They have a proven track record of delivering secure, reliable and high-quality penetration testing services.

The main difference is the level of independent assurance behind the provider delivering the testing. CREST penetration testing is delivered by a CREST accredited provider that has demonstrated it meets recognised industry standards for the knowledge, skills and capability required to perform penetration testing.

Standard penetration testing may be offered by providers without recognised industry accreditation. In some cases, a low quoted price may be indicative of a lack of industry accreditation.

A CREST penetration test can be tailored to evaluate the security of your applications, networks and physical environments that could be exploited by threat actors. There are many types of penetration testing, generally categorised as:

  • Network Penetration Testing (External, Internal, SOE, Mobile Devices, Wireless)
  • Application Penetration Testing (Mobile, Web, Web Service/API, Thick Client)
  • Physical Security & Social Engineering
  • Red Teaming (which encompasses any or all of the above)

Australia’s trusted
cyber security and cloud partner

group icon

Expertise at scale

More than 1,400 cyber security and cloud professionals delivering solutions to our customers.

eye telescope

Eyes on glass 24/7

Continuous monitoring of your network across our 9 advanced security operations centres globally.

customer support

Help when you need it

The region’s largest team of incident responders handle over 250 cyber breaches per year.

shield icon

Assessing your needs

Industry-leading experts conduct more than 500 baseline security assessments per year.

star icon

Providing credible assurance

Our exceptional team of ethical hackers conducts over 3,000 penetration tests per year.

graduate icon

Training the next generation

The CyberCX Academy has trained 300 cyber security professionals in three years.

decor