STAR Penetration Testing Providers

Simulated Targeted Attack and Response · Published by CREST International

STAR (Simulated Targeted Attack and Response) is a CREST-developed framework for intelligence-led security testing that provides a structured approach to simulating advanced persistent threat (APT) attacks against organisations. STAR assessments combine threat intelligence, red team operations, and blue team evaluation to give a comprehensive picture of an organisation's ability to detect, respond to, and recover from sophisticated cyber attacks.

The framework builds on CREST's penetration testing methodology but extends it to cover the full attack lifecycle, including pre-attack reconnaissance, initial compromise, establishing persistence, lateral movement, privilege escalation, data exfiltration, and covering tracks. STAR assessments require providers to hold specific STAR accreditation from CREST, demonstrating advanced red team capabilities and experience in conducting complex, multi-phase attack simulations. The framework emphasises collaboration between the red team and the organisation's defensive teams during the replay phase, ensuring that lessons learned from the simulated attacks translate into concrete improvements in detection rules, response procedures, and security architecture.

STAR is particularly relevant for organisations in sectors including financial services, critical infrastructure, and defence, where the threat of targeted attacks from sophisticated adversaries is a primary concern. The framework provides a standardised, quality-assured approach to advanced adversary simulation that goes beyond traditional penetration testing to test the full spectrum of people, processes, and technology involved in cyber defence.

Key Features

  • CREST-developed advanced framework
  • Full APT simulation lifecycle
  • Combined red/blue team assessment
  • Replay and improvement workshops
  • STAR-specific provider accreditation

Best For

  • Advanced adversary simulation
  • Financial services organisations
  • Critical infrastructure operators
  • Defence and government
  • Organisations with mature security operations

STAR FAQs

How does STAR differ from CBEST?

STAR is a CREST framework available to organisations across sectors, while CBEST is specifically designed for UK financial services under Bank of England supervision. STAR provides a similar intelligence-led approach but is not limited to a single regulatory context.

What accreditation do providers need for STAR?

Providers must hold specific STAR accreditation from CREST, which requires demonstrating advanced red team capabilities, threat intelligence expertise, and experience in conducting complex multi-phase attack simulations beyond standard CREST penetration testing accreditation.

Is STAR suitable for all organisations?

STAR is designed for organisations with mature security programmes that want to test their resilience against advanced threats. To gain maximum value, organisations should have functioning detection and response capabilities (SOC, SIEM, EDR) in place before undertaking a STAR assessment.