CREST Training & Examination Guide

CREST Explained

Training and examination guide

CREST provides globally recognised professional level certifications for individuals providing the following services: penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services.

There is a popular misconception that CREST deliver training, in actuality they do not, they create examinations and the syllabi for those exams. They do this by leveraging a community of expert associates to help produce the exams, and ensure that they uphold the standards expected within the cyber security industry. CREST Accredited Training Providers (CATP) like our instructors, take those exam syllabi and build CREST approved training courses around them.

As a CREST approved training provider, both the instructor and the course must be validated by CREST. A key requirement of CREST before granting approval to a training provider, is to ensure sufficient insurances are in place, and that all course material and instructors meet their exacting standards.

CREST Certification Levels

CREST certifications are broken down into the following three levels:


Competent to conduct routine assignments under supervision in structured environment. Practitioner level is widely considered 'entry-level'.


Competent to work independently without supervision and with limited sign-off. Registered level is for competent professionals.


Competent to run and sign off major projects. Certified level is aimed at very knowledgeable management and experienced technical professionals.

CREST Examination Guide

CREST use Pearson Vue test centres and their own centres to ensure examinations are proctored correctly and in line with their standards. We highly recommend checking where your local Pearson Vue testing centre is in your country.

To book a CREST exam at a Pearson Vue centre, go to the Pearson Vue website and navigate to the ‘Take a Test’ section. Here you will be able to search for CREST and find your examination listed. If you haven’t already done so, you will be asked to create an account to proceed with your booking.

Outlined below are all the examinations that CREST currently offer:

Penetration Testing
Practitioner CREST Practitioner Security Analyst CPSA
Registered CREST Registered Penetration Tester CRT
CREST Registered Security Analyst CRSA (Replacing CRT)
Certified CREST Certified Infrastructure Tester CCINF
CREST Certified Web Application Tester CCAPT
CREST Certified Simulated Attack Specialist CCSAS
CREST Certified Simulated Attack Manager CCSAM
Threat Intelligence
Practitioner CREST Practitioner Threat Intelligence Analyst (CPTIA)
Registered CREST Registered Threat Intelligence Analyst CRTIA (CRTIA)
Certified CREST Certified Threat Intelligence Manager CCTIM
Incident Response
Practitioner CREST Practitioner Intrusion Analyst CPIA
Registered CREST Registered Intrusion Analyst CRIA
Certified CREST Certified Incident Manager CCIM
CREST Certified Network Intrusion Analyst CCNIA
CREST Certified Host Intrusion Analyst CCHIA
CREST Certified Malware Reverse Engineer CCMRE
Security Architecture
Practitioner This syllabus is currently in development by CREST
Registered CREST Registered Security Architect CRSA
Certified This syllabus is currently in development by CREST

Ready to Learn?