NCSC Certified Cyber Resilience Test Facility (CRTF)

Your regulated clients need independent evidence of your product’s security posture - we provide it.

SecurLab is a UK sovereign cyber security company and NCSC Certified Cyber Resilience Test Facility (CRTF). We deliver independent, evidence-backed assurance for software, hardware, and ITAD providers giving you clear, defensible confidence in your security and a credible answer for every procurement, audit, and compliance challenge.

Our mission is simple: secure the digital supply chain.

Independent cyber security assurance for UK software, hardware and ITAD providers

Book Your Free Assessment Now

Get a free expert-led gap analysis supported by SecurLab’s portal to understand your current position against either:

  • NCSC Principles Based Assurance or

  • NCSC Sanitisation (replacement for CAS-S)

Take My Free Gap Assessment Now
NCSC Principles-Based Assurance assessment lifecycle — Securlab
Business infographic with four sections: Build Trust, Reduce Risk, Win More Business, Create Long-Term Value; each section includes icons and brief descriptions.

What Does an NCSC Certified CRTF do?

A Cyber Resilience Testing Facility (CRTF) is an NCSC approved body that independently assesses cyber security products and services

Product Assurance Assessment

  • Verify security claims - Independently validate security claims against NCSC principles, no self‑attestation.

  • Assess real world claims - Confirm controls are effective in practice, not just in design or documentation.

  • Support assurance pathways - Outcome focused assurance aligned to modern, evolving systems, not checklists.

  • Enable trusted procurement - Enable structured progression from readiness to independent and ongoing assurance.

Sanitisation Assurance Assessment

The successor to CAS-S — independently assessed by a certified CRTF.

If your clients expected CAS-S certification, or you held it, SecurLab provides the NCSC-aligned replacement. We independently validate that your disposal processes destroy data irrecoverably — not just remove it.

  • Former CAS-S replacement — continuity of assurance for ITAD providers and their clients

  • Independent validation buyers trust — no supplier self-attestation

  • Data irrecoverability confirmed — not just removal

  • Audit and procurement ready — structured, traceable evidence

Why NCSC Assurance Matters?

Independent Validation of Security Outcomes

CRTF-aligned assurance replaces self-attestation with independent validation. Evidence that your controls actually work in practice assessed by a certified third party against NCSC principles. Your buyers don't have to take your word for it.

Clear Competitive Advantage in Procurement

CRTF assurance makes you easier to buy from. Independent validation reduces the due diligence burden on procurement teams, shortens sales cycles, and sets you apart from competitors whose security claims rest on documentation alone.

Alignment with NCSC and Government Expectations

CRTF and PBA reflect how the UK government expects cyber risk to be managed across public sector and critical supply chains. Aligning to NCSC principles demonstrates conformance with national best practice and removes friction when selling into regulated environments.

Why Choose Us?

NCSC Aligned Expertise

The standard your buyers expect

  • NCSC Certified Cyber Resilience Test Facility

  • Principles-Based Assurance — not checklist compliance

  • Aligned to government expectations

  • Recognised by the buyers and regulators that matter

Efficient Process

Built to reduce the burden on your team

  • Structured assessment approach with clear milestones

  • Dedicated platform, reduces assessment time

  • Typical delivery in 4–5 weeks from kick-off

  • Designed to scale and repeat

Independent / Certified / Trusted

No conflicts. No compromise.

  • Independently owned — no competing service lines

  • ISO 27001 / ISO 9001 / Cyber Essentials Plus

  • Findings based solely on evidence, not relationship

  • Assurance your clients and auditors can rely on

Latest white papers

IEC 62443 and Principles-Based Assurance – Bridging Industrial Security and Cyber Resilience

Continuous Cyber Assurance – Why Certification Alone Is No Longer Enough

How the UK Cyber Security and Resilience Bill Aligns with Principles Based Assurance

Cyber Resilience Test Facilities (CRTF) / Principals Based Assurance (PBA) Readiness Guide

Who We Work With

  • Cyber Security Vendors

  • SaaS & Tech Providers

  • ITAD Companies

  • Government Suppliers

  • Critical Infrastructure

  • Product Vendors

Ready to demonstrate your security posture?

Get your free gap assessment

Understand your current position against NCSC Principles-Based Assurance or Sanitisation standards free, expert-led, and delivered through SecurLab's assessment portal.

No commitment. No sales pitch. Just a clear picture of where you stand.

Book My Free Assessment

Speak to an Expert

Not sure where to start, or want to talk through your options before committing?

Drop us a message and one of our team will come back to you.

We'll get back to you within one business day.

Speak To An Expert