Skip to content
Log in

CREST

Definition

A UK-based not-for-profit professional body that publishes practitioner-focused incident response guidelines and operates accreditation schemes for IR service providers. CREST guidance emphasises technical response activities such as live forensics and threat intelligence integration.

Related terms

Framework blending
The practice of combining elements of multiple IR frameworks: for example, using NIST as the strategic backbone, SANS phase names in operational...
ISO/IEC 27035
An international standard for information security incident management. Part 1 covers principles and concepts; Part 2 covers planning and preparation. It defines...
NIST SP 800-61
The US National Institute of Standards and Technology's Computer Security Incident Handling Guide. It defines a four-phase IR lifecycle: Preparation; Detection and...
Phase granularity
The number and specificity of discrete steps a framework defines within the IR lifecycle. Higher granularity, as in SANS PICERL's six steps...
SANS PICERL
A six-step incident response model developed through SANS Institute training: Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned. PICERL breaks NIST's combined response...

Explained in

  • Comparing Incident Response FrameworksA UK-based not-for-profit professional body that publishes practitioner-focused incident response guidelines and operates accreditation schemes for IR service...

Your journey to becoming a forensic professional starts here.

Practice with mock tests, learn from structured notes, and get your questions answered by a global forensic community, all in one place.

Continue learningCreate Your Account