FPT Achieves CREST Certification for SOC Services

Amid the growing scale and sophistication of cybersecurity threats, FPT’s official achievement of the international CREST certification for its 24/7 Security Operations Center (SOC) marks a significant milestone, reaffirming FPT’s commitment to delivering world-class information security services to its customers.

CREST (Council of Registered Ethical Security Testers) is a global organization representing the cybersecurity industry, with over 370 members. CREST was established to standardize security testing activities such as penetration testing and incident response, ensuring that methods, skills, and processes meet the highest international standards.

FPT has officially achieved CREST certification for its Security Operations Center (SOC) services.

Achieving CREST certification for SOC services requires strict adherence to rigorous standards. Specifically, FPT needed to meet stringent criteria in areas such as Organisational Environment, Consumer Requirements, Technology & Tools, Event Analysis & Response, Threat Intelligence & Situational Awareness, and SOC Protection. To date, FPT is among the few cybersecurity companies in Vietnam to achieve dual CREST certifications for both Pentest services and SOC services. This accomplishment underscores FPT’s commitment to its customers, reflecting the quality of its services, the professionalism and the expertise of its cybersecurity team, which aligns closely with international standards. 

Currently, Vietnam and the Asia-Pacific region are facing an increasing wave of cyberattacks. According to the Department of Information Security (under the Ministry of Information and Communications), Vietnam recorded 4,483 cybersecurity incidents in the first 10 months of 2024. Notably, the sophistication and severity of these attacks are on the rise, with advanced persistent threats (APTs) on financial institutions, government agencies, and large enterprises becoming more prevalent, posing significant risks to critical data. Globally, total spending on cybersecurity and risk management is projected to reach $188 billion in 2023, marking a 12% increase compared to 2022.

The 24/7 Information Security Monitoring & Incident Response Service (SOC service) is currently the optimal solution for the security needs of organizations and businesses. SOC integrates high-quality security resources, advanced technology, and stringent processes to proactively identify risks and early signs of cyberattacks, enabling timely response and mitigation measures to minimize economic and reputational damage. However, one of the major challenges organizations and businesses face when building their own Security Operations Center (SOC) is the shortage of skilled cybersecurity personnel and the high initial investment costs. FPT’s SOC service emerges as an ideal choice, allowing organizations and businesses to quickly access high-quality SOC services at a reasonable cost.

FPT’s SOC service is highly regarded by CREST for its modern technological platform, the ability to integrate the most advanced tools to detect and respond promptly to cybersecurity threats, and its team of top-tier cybersecurity experts holding a range of difficult and specialized certifications such as CISSP, CISA, CEH, CHFI, OSWE, CISM, CSSLP, OSCP, CySA+, and more.

With extensive experience in implementing cybersecurity projects, FPT demonstrates its capabilities through a series of large-scale technology projects. FPT has partnered with numerous major clients, including government ministries, corporations, banks, and private enterprises, to deploy, monitor, and manage cybersecurity incidents through its SOC services. These efforts have enabled the prediction, prevention, and timely resolution of various threats. Additionally, FPT has earned international recognition, including the prestigious PCI DSS 4.0 Level 1 certification – the highest level of security certification for clients such as FE Credit, PVcomBank, and SHBFinance. FPT has also become the highest-level partner – Diamond Innovator – of Palo Alto Networks (PANW).

FPT has a team of highly skilled cybersecurity experts with a range of specialized certifications that meet international standards.

Mr. Tran Dang Hoa – Chairman of FPT IS, FPT Corporation, shared: “In the face of increasing cyberattacks, FPT continues to develop, enhance quality, and prioritize the application of stringent international standards in the processes of handling and operating all products within the Information Security Monitoring and Operation Center (SOC) ecosystem. FPT is committed to elevating service quality and protecting customers at the highest level against complex and unpredictable cybersecurity risks.”

Recently, FPT, along with Agribank, MSB Bank, and PA05 of the Ho Chi Minh City Police Department, was honored to receive the first-place award at the 2024 National Cybersecurity Exercise organized by A05. The event aims to help organizations enhance their awareness of security risks and improve their skills in detecting and responding to online threats effectively. This achievement further demonstrates FPT’s capabilities, experience, and continuous efforts to elevate service quality standards in the SOC field, Mr. Hoa added.

Previously, at the announcement and award ceremony for the 2024 Golden Key Award organized by the Vietnam Information Security Association (VNISA), FPT was also honored to be named among the top Vietnamese companies in network security testing and evaluation, as well as the top companies in encryption, authentication, and digital signatures. FPT is at the forefront of the leading security trends, developing flexible products and solution suites that meet the essential security needs of all organizations and businesses. In the category of Outstanding Information Security Services, FPT.EagleEye Pentest and FPT.EagleEye Compliance were recognized for their contributions in comprehensively addressing cybersecurity risks and detecting early security issues in applications and systems. The FPT.EagleEye Pentest service not only meets the network security testing and evaluation standards set by TCCS 02: 2020/VNISA, issued by the Vietnam Information Security Association, but also complies with the stringent criteria of the international cybersecurity organization CREST in the field of Pentest.