CREST launches new globally available practical penetration testing certification

CREST launches new globally available practical penetration testing certification

Sep 7, 2021
1 minute

7 September 2021CREST, a not-for-profit accreditation and certification body representing the technical information security industry, has launched the first of four new practical penetration testing certifications that are designed to be delivered via selected Pearson Vue centres around the world. The new CREST Registered Security Analyst (CRSA) certification will provide CREST members, CREST qualified individuals and the wider industry with flexible, global access to this practical penetration testing examination.

CRSA is a new Registered level practical penetration testing certification. It has a slightly broader scope than the CREST Registered Penetration Tester (CRT) and includes desktop breakout assessments and a larger web application component. CRSA will run in parallel with CRT.

The UK's National Cyber Security Centre (NCSC) has confirmed that the CRSA certification will be recognised alongside the CRT for technical entry for CHECK Team Member. This applies to all CRSA certifications awarded, wherever in the world candidates take the examination.

The existing CREST Practitioner Security Analyst (CPSA) certification, which is already a prerequisite for the CRT, is also a prerequisite for the new CRSA examination. Please note that a CPSA qualification attained via equivalency cannot be used as the pre-requisite for booking the CRSA examination.

The CRSA is available to book from today through Pearson Vue CREST :: Pearson VUE.

The CRSA is the first in a suite of new practical certifications being developed by CREST. The others, which have not yet been recognised by NCSC, are:

  • CREST Certified Security Consultant (Red Team) – CCSC RED
  • CREST Certified Security Consultant (Networks) – CCSC NET
  • CREST Certified Security Consultant (Web) – CCSC WEB

"The examinations for all four new practical penetration testing certifications have been designed to be delivered entirely through Pearson Vue centres," said Ian Glover, President of CREST International. "This opens up the opportunity to individuals working in the cyber security industry to get the access to certify with CREST wherever they are in the world."

Pearson Vue centres offer a distraction-free, secure testing environment with continuous candidate surveillance. There are number of mandatory security measures at all test centres to ensure the integrity of the examinations and the safety of the candidates.

For full details on the CRSA please visit:


CREST is a not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognised accreditations for organisations providing technical security services and professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast changing technical security environments the certification process is repeated every three years.

CREST is governed by an elected Executive of experienced security professionals who also promote and develop awareness, ethics and standards within the cyber security industry. CREST supports its members and the wider information security industry by creating collaborative research material. This provides a strong voice for the industry, opportunities to share knowledge and delivers good practice guidance to the wider community.

For further information please contact:

Allie Andrews, Tel: +44 (0) 1442 245030