FPT IS  became a CREST member for penetration testing services 

In February 2024, FPT Information System Corporation (FPT IS) officially became the CREST organization’s member for penetration testing services (Pentest). FPT IS’s Pentest successfully underwent rigorous assessments that enabled it to be among the select few companies in Vietnam that are eligible to be a recognized member of CREST. This international certification serves as proof of FPT IS’s dedication to providing its clients with top-notch information security solutions that reach global standards.

FPT IS’ Pentest service has been evaluated by CREST to ensure compliance with global standards in terms of expertise, professional experience, technological capabilities, policies, processes, procedures, and professional ethics. Joining CREST is a significant milestone for FPT IS as it strives to standardize its Pentest services according to international norms. FPT IS is also currently the only technology company in Vietnam to hold CREST accreditation for Pentest services and PCI.QSA for consulting and assessment, as well as PCI.DSS certification services. This move aims to address the security concerns of customers in Vietnam and worldwide. Additionally, it marks a notable achievement in FPT IS’s global expansion strategy. 

FPT IS ascends to CREST membership for penetration testing services

In 2023, the Ministry of Information and Communications released both warnings and guidelines about 12,846 instances of cyberattacks, representing a 5.3% rise in comparison to 2022. Within this context, the utilization of Pentest services has become significant for organizations and enterprises to identify security vulnerabilities and assess the resilience of their systems. Acquiring membership as a CREST organization not only assists FPT IS in establishing its reputation and capability in the context of information security testing but also provides numerous opportunities to engage with over 300 potential partners and customers in the CREST community.

CREST is a non-profit organisation established in 2006, representing the IT security industry. CREST provides internationally recognized accreditation for organisations providing information security services and professional certifications for individuals providing security vulnerability assessment, penetration testing, response services, cyber incidents, cybersecurity threat intelligence, and security operations centre (SOC).

With a rigorous quality testing process, CREST has established a new benchmark, becoming an esteemed accreditation for businesses and organizations. CREST members undergo annual reviews, and every 3 years, a comprehensive evaluation of accredited businesses is conducted.

To be acknowledged as a CREST member, businesses must fulfil many strict criteria. Specifically, FPT IS satisfies these requirements by possessing a range of world-class IT certifications (such as ISO9001, ISO27001…).

In terms of the Pentest Service’s capabilities, FPT IS has achieved nearly perfect results, demonstrating success in numerous large-scale projects through its team of top-tier technology experts.

CREST also assesses service implementation based on customer references. FPT IS has received positive feedback from international and domestic customers, thereby strengthening the business’s standing and capabilities.

Rowland Johnson, president of CREST stated: “We are pleased to welcome FPT IS as a CREST accredited member company in the Asia region. To gain accreditation for its penetration testing services, FPT IS has been through a demanding assessment process that examined test methodologies, legal and regulatory requirements, data protection standards, logging and auditing, internal and external communications with stakeholders, as well as how test data security is maintained. FPT IS joins a growing number of companies in Vietnam with our internationally recognised accreditation that provides buyers with valuable, independent evaluations of leading organisations and businesses.”

“We are currently the only technology unit in Vietnam to own CREST accreditation for Pentest and QSA services. This demonstrates FPT IS’s pioneering leadership in information security while affirming its commitment to customers. Being recognised by CREST will push FPT IS to strengthen its position in the domestic market and expand cooperation opportunities with international partners and customers, especially in industries that require high security, safety and data compliance such as finance, banking and e-commerce. We will continue to develop FPT IS products and services that meet international standards, conquering the global market,” Nguyen Hoang Minh, CEO of FPT IS, shared.

Before being confirmed as a member of CREST, FPT IS was a member of the Payment Card Industry Security Standard Council (PCI SSC) and was allowed to provide consulting and assessment services. FPT IS assesses the Global Managed Services Park with an aim to provide services for 100 international customers, host more than 1,000 employees, and reach a revenue of $30 million by 2026.