AMR CyberSecurity – Part of Infinum has received CREST accreditation in the United States for the first time across four offensive security disciplines: Penetration Testing, Vulnerability Assessment, Application Security Testing, and Threat Led Penetration Testing.
CREST is one of the most recognised international bodies for assessing security organisations against rigorous standards covering people, processes, and service delivery.
Accreditation across all four disciplines confirms that AMR’s work meets those benchmarks in the US market, where demand for validated security assurance is particularly acute in financial services, healthcare, and critical infrastructure.
For organisations navigating complex regulatory environments or high-stakes security decisions, this is the kind of independent assurance that matters. It means engaging AMR with the confidence that the methodology, governance, and expertise behind every engagement have been externally validated.
Four disciplines, one standard
The accreditation covers the full range of AMR’s core offensive security services:
- Penetration Testing
- Vulnerability Assessment
- Application Security Testing
- Threat Led Penetration Testing
Together, these cover the main ways organisations test and validate their defences – from identifying specific vulnerabilities to simulating the tactics of real-world threat actors.
“Gaining CREST accreditation in the United States is an important milestone for AMR CyberSecurity – Part of Infinum, and a reflection of the standards we set ourselves every day,” said Martin Walsham, Director of Cybersecurity at AMR CyberSecurity – Part of Infinum.
CREST accreditation provides independent evidence that our services are delivered to recognised international standards. Whether organisations need penetration testing, application security assurance, vulnerability assessment, or threat-led testing, they can engage AMR knowing quality and integrity sit at the heart of our work.
MARTIN WALSHAM, DIRECTOR OF CYBERSECURITY, AMR CYBERSECURITY – PART OF INFINUM
This accreditation is part of a broader run of independent recognitions for AMR.
Earlier this year, the team became one of only four organisations in the UK authorised to deliver NCSC Cyber Resilience Test Facility (CRTF) evaluations – and was approved as a Certification Body across all four levels of the UK Ministry of Defence’s Defence Cyber Certification (DCC) scheme, making AMR one of a limited number of organisations able to certify at every level.
The US CREST accreditation extends that independently assured capability into a new market.
AMR CyberSecurity – Part of Infinum combines specialist security expertise with broader engineering and technology capabilities, helping clients not just secure what they’ve already built, but build securely from the start.
Want to strengthen your security posture with independently assured testing? Get in touch with our team.