Training and examination guide
CREST provides globally recognised professional level certifications for individuals providing the following services: penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services.
There is a popular misconception that CREST deliver training, in actuality they do not, they create examinations and the syllabi for those exams. They do this by leveraging a community of expert associates to help produce the exams, and ensure that they uphold the standards expected within the cyber security industry. CREST Accredited Training Providers (CATP) like our instructors, take those exam syllabi and build CREST approved training courses around them.
As a CREST approved training provider, both the instructor and the course must be validated by CREST. A key requirement of CREST before granting approval to a training provider, is to ensure sufficient insurances are in place, and that all course material and instructors meet their exacting standards.
CREST certifications are broken down into the following three levels:
Competent to conduct routine assignments under supervision in structured environment. Practitioner level is widely considered 'entry-level'.
Competent to work independently without supervision and with limited sign-off. Registered level is for competent professionals.
Competent to run and sign off major projects. Certified level is aimed at very knowledgeable management and experienced technical professionals.