For the most precise, tailor-made testing and advise, nothing beats the human brain. We have a team of seasoned security professionals who can help you with testing and optimising the security of your organisation in your specific context. We help you by demonstrating how your IT can be exploited and advising how you can fix and prevent this from happening in the future.
Machines are great at replacing humans for boring, risky or high-precision tasks.
Humans are great at critical thinking, creativity and understanding the context of what’s going on.
Our team has 50+ years of joint security experience, with a rich background in red teaming, penetration testing and security advisory.
During a red teaming exercise, we — the red team — attack your organisation, and you — the blue team — tries to defend against it. Apart from evaluating your technical defences, red teaming is a great way to evaluate your organisational capabilities during an attack. It’s by far the best approximation of a real attack.
The offensive security team of CREDS is located in the Netherlands. We aim to outsmart real criminals by continuously challenging and training ourselves, partnering with top intelligence providers for the latest attack strategies and embracing a high level of automation so we can focus on the specific characteristics of your company and hard-to-exploit weaknesses. We do not believe in sub-contractors and are happy to tell you about our internal controls which minimize your operational risk and ensure our compliance.
Our engagements are performed by a multi-disciplinary team. Depending on your needs a developer, ethical hacker and/or IT-auditor (RE) is involved to put risks in the perspective of your organisation and align with control frameworks, regulators and legal requirements. The team lead has at least 10 years of experience in IT security and the team members are seasoned security professionals with relevant certifications.
All our team members are really eager to challenge themselves and each other. Even outside our formal working hours and assignments, we spend many hours on security research. Our constant drive to improve and automate what we have, really defines us. Because security is our passion, not our job.