Certified Web Application Tester
The CREST Certified Web Application Tester examination is an assessment of the candidate’s ability to find vulnerabilities in bespoke web applications. The examination uses specially designed applications running on a variety of web application platforms. The candidate will be expected to demonstrate that they are able to find a range of security flaws and vulnerabilities, including proving the ability to exploit and leverage the flaws to ascertain the impact of the issues found.
Examination format
The format is the same for both the Infrastructure and Application
Certified Tester exams. The candidate will be expected to posses
not only the technical ability to find security weaknesses and
vulnerabilities, but also the skills to ensure findings are presented
in a clear, concise and understandable manner. The examination
consists of three tasks:
- A hands-on practical examination
- A multiple choice technical examination
- A long form ‘essay style’ written paper.
To pass the exam, the candidate must pass all three sections.
Syllabus
The syllabus for the certified tester examination is available here.
Individuals undertaking this examination can request that there information be provided to CESG to be considered for CHECK Team Leader (Web Applications) Status.