CREST Explained
CREST provides globally recognised professional level certifications for individuals providing the following services: penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services.
There is a popular misconception that CREST deliver training, in actuality they do not, they create examinations and the syllabi for those exams. They do this by leveraging a community of expert associates to help produce the exams, and ensure that they uphold the standards expected within the cyber security industry. CREST Accredited Training Providers (CATP) like our instructors, take those exam syllabi and build CREST approved training courses around them.
As a CREST approved training provider, both the instructor and the course must be validated by CREST. A key requirement of CREST before granting approval to a training provider, is to ensure sufficient insurances are in place, and that all course material and instructors meet their exacting standards.
CREST Certification Levels
CREST certifications are broken down into the following three levels:
Practitioner
Competent to conduct routine assignments under supervision in structured environment. Practitioner level is widely considered 'entry-level'.
Registered
Competent to work independently without supervision and with limited sign-off. Registered level is for competent professionals.
Certified
Competent to run and sign off major projects. Certified level is aimed at very knowledgeable management and experienced technical professionals.
CREST Examination Guide
CREST use Pearson Vue test centres and their own centres to ensure examinations are proctored correctly and in line with their standards. We highly recommend checking where your local Pearson Vue testing centre is in your country.
To book a CREST exam at a Pearson Vue centre, go to the Pearson Vue website and navigate to the ‘Take a Test’ section. Here you will be able to search for CREST and find your examination listed. If you haven’t already done so, you will be asked to create an account to proceed with your booking.
Outlined below are all the examinations that CREST currently offer:
| Exam Name | Discipline | Level |
|---|---|---|
| CREST Practitioner Threat Intelligence Analyst (CPTIA) | Threat Intelligence | Practitioner |
| CREST Registered Threat Intelligence Analyst (CRTIA) | Threat Intelligence | Registered |
| CREST Certified Threat Intelligence Manager (CCTIM) | Threat Intelligence | Certified |
| CREST Practitioner Security Analyst (CPSA) | Penetration Testing | Practitioner |
| CREST Registered Penetration Tester (CRT) | Penetration Testing | Registered |
| CREST Certified Infrastructure Tester (CCINF) | Penetration Testing | Certified |
| CREST Certified Web Application Tester (CCAPT) | Penetration Testing | Certified |
| CREST Certified Simulated Attack Specialist (CCSAS) | Penetration Testing | Certified |
| CREST Certified Simulated Attack Manager (CCSAM) | Penetration Testing | Certified |
| CREST Practitioner Intrusion Analyst (CPIA) | Incident Response | Practitioner |
| CREST Registered Intrusion Analyst (CRIA) | Incident Response | Registered |
| CREST Certified Incident Manager (CCIM) | Incident Response | Certified |
| CREST Certified Network Intrusion Analyst (CCNIA) | Incident Response | Certified |
| CREST Certified Host Intrusion Analyst (CCHIA) | Incident Response | Certified |
| CREST Certified Malware Reverse Engineer (CCMRE) | Incident Response | Certified |