Accreditation partner: CREST
Dubai Cyber Force Program

Offensive security, held to a standard

The Dubai Cyber Force Program accredits the penetration-testing and incident-response firms — and the individual professionals — that Dubai entities call on to test their defences and respond when it matters. It is delivered in partnership with CREST.

At a glance

AudiencePen-test & IR providers
Accreditation partnerCREST
Validity2 years
Continuous assuranceIncluded

Who must hold it

Firms offering penetration testing, red-teaming or incident-response services to Dubai government entities — and the individual testers who carry out that work — are expected to be accredited under the Dubai Cyber Force Program for the services they provide.

What accreditation assesses

A plain-language view of what firms and individuals are held to.

The accreditation path

CREST is the accreditation partner whose framework underpins the program; DESC holds the final decision. The two-year term is kept honest by continuous assurance — so competency and conduct are monitored, not just certified once.

The role of CREST

CREST is the internationally recognised accreditation body for technical security services, and the Dubai Cyber Force Program is built on its framework. The platform adds a continuous-assurance layer around that accreditation; it does not replace CREST or diminish its standing.