Professional Qualifications

CREST provides a recognised career path right from entry into the industry through to experienced senior tester level.  We work with the largest number of technical information security providers who support and guide the development of our examination and career paths.

All the information you need to book a CREST examination can be found on the Examination Booking page in your country of choice which  includes the Terms and Conditions for booking, information on logistics and timings and CREST’s policy for candidates requiring additional time to accommodate a medical condition (must be advised in advance and medical evidence required);  the booking form also contains a number of frequently asked questions.

A number of changes have taken place to the format of our examinations.  Please familiarise yourself with these by reading the Examination Changes page for full details.  A summary of the examination delivery methods is shown in the table below.

Examination Title Entire Exam at Pearson Vue Written Element at Pearson Vue Entire Exam at CREST Exam Centre Practical Element at CREST Exam Centre
Practitioner Security Analyst
Registered Penetration Tester
Certified Infrastructure Tester
Certified Web Application Tester
Certified Simulated Attack Specialist
Certified Simulated Attack Manager
Registered Threat Intelligence Analyst
Certified Threat Intelligence Manager
Practitioner Intrusion Analyst
Registered Intrusion Analyst
Certified Network Intrusion Analyst
Certified Host Intrusion Analyst
Certified Malware Reverse Engineer
Certified Incident Manager
Registered Technical Security Architect

The Examinations Overiew gives information on each examination.   You can also click on the links below to review the technical syllabus of each examination:

Penetration Testing Examinations:
CREST Practitioner Security Analyst – technical syllabus (PDF)
CREST Registered Penetration Tester – technical syllabus (PDF)
CREST Certified Web Applications Tester and CREST Certified Infrastructure Tester – technical syllabus (PDF)
Wireless Specialist – technical syllabus (PDF)

CBEST / Simulated Target Attack and Response (STAR) Examinations:
Certified Simulated Attack Manager  – technical syllabus (PDF)
Certified Simulated Attack Specialist – technical syllabus (PDF)
Registered Threat Intelligence Analyst – technical syllabus (PDF)
Certified Threat Intelligence Manager – technical syllabus (PDF)

Incident Response Examinations:
Practitioner Intrusion Analyst – technical syllabus (PDF)
Registered Intrusion Analyst – technical syllabus (PDF)
Certified Network Intrusion Analyst – technical syllabus (PDF)
Certified Host Intrusion Analyst – technical syllabus (PDF)
Certified Malware Reverse Engineer – technical syllabus (PDF)
Certified Incident Manager – technical syllabus (PDF)

Security Architecture Examination:
Registered Technical Security Architect – technical syllabus (PDF)

The diagram below depicts the career path offered by CREST qualifications:Examinations Diagram_Updated

Please note that the following examinations are currently in development:

CREST have also accredited a number of training courses that align with elements of the syllabuses for our examinations.  You will find full details on this page.

Recommended preparation material for our examinations