NFIR receives the CCV Pentest Seal of Approval


On January 27, 2022, Daniël Knot and Marjolein Veenstra of KIWA presented NFIR with the pentest hallmark of the Center for Crime Prevention (CCV). Here you will find more information about this trustmark. This award makes NFIR the fifth IT-Security organization in the Netherlands to achieve this seal of approval. This quality mark, based on NEN-EN-ISO/IEC standards 17021 and 17065, gives customers the guarantee that the execution of a pen testing assignment by NFIR is carried out in a professional and high-quality manner.

CCV hallmark pen testing award ceremony

During the audit, conducted by KIWA, the working methods and certifications of the pentest team were scrutinized. In addition, the procedures, tooling used and qualifications of employees were reviewed.

Arwi van der Sluijs, NFIR’s general manager, calls obtaining the seal of approval “a nice proof that the execution of pen testing for our clients is done at a high level.” He would like to emphasize that NFIR, as an engineering club, attaches importance to transparent and verifiable processes. “In addition to the ISO 27001 and ISO 9001 certifications, this is an important certificate whose bar we believe can be set much higher” said van der Sluijs. Within Cybersecure Netherlands, NFIR will advocate for the taking of necessary next steps that will ensure that the quality bar is raised even further.

The CCV pentest quality mark is mainly about the processes and certifications used by pentesters. A pen test shows to what extent the security of environments such as a network infrastructure, (web) application or mobile application is effective and sufficiently technically resilient at the time of the pen test. This must be carried out competently. The certification of a pen test with the CCV Pen Testing Seal of Approval guarantees the quality of the pen tests and ensures that customers of our pen tests can have a justified confidence that the pen test delivered meets the requirements set in advance.

This is very important, according to van der Sluijs, but it is necessary that the industry also learns to report in a uniform way. Van der Sluijs explains: “For example, NFIR always accounts for exactly what was tested, according to which standards it was performed and what the scores are obv the CVSS. Many pen test providers just freewheel. This CCV Hallmark is going to separate the wheat from the chaff.”

Pen tests

Have the resilience of your website, (web) application or internal network checked by an NFIR penetration test. We offer customised pen tests, so that you get tested exactly where you want to gain insight into.


De volgende 30 minuten van cruciaal belang​!

De eerste 30 minuten na een cyber security incident zijn cruciaal omdat snelle reactie de schade kan beperken, verdere verspreiding van de aanval kan voorkomen en essentieel bewijsmateriaal veiliggesteld kan worden voor onderzoek en herstel.

Onze Computer Emergency Response Teams (CERT) staan 24/7 klaar om bedrijven en organisaties te ondersteunen bij IT-beveiligingsincidenten.

Heeft uw bedrijf professionele hulp nodig bij een beveiligingsincident? 


The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because rapid response can limit damage, prevent further spread of the attack and secure essential evidence for investigation and recovery.

Our Computer Emergency Response Teams (CERT) are available 24/7 to support businesses and organizations during IT security incidents.

Does your company need professional help with a security incident?