CREST is the Council of Registered Security Testers. CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market.
CREST offer certifications under various domains. This includes Penetration Testing, Red Teaming, Simulated Attacks. They also offer certification for 'blue team' or defensive operations such as certifying Security Operations Centre (SOC) services.
What is a CREST registered tester?
The benefit of becoming a CREST Registered Tester (CRT) or any of the other CREST exams such as the CREST Certified Testing (CCT) is that you demonstrate you have met the high bar that CREST sets for certifications of you as an individual. Whereas company CREST member accredits and certifies the company, the exams such as CRT and CCT certify the individual.
Crest certification benefits
The key benefits of becoming a CREST accredited member company are:
Independent, verifiable third party assessment of your security testing business
Increased speed of engagement with customer procurement processes
Enhanced customer confidence
Presence on the CREST Service Selection Platform
Access to industry-leading guidance, standards and opportunities to share and enhance knowledge
Structured professional development
Discounts from CREST partners in training and recruitment
The inside track on new opportunities and developments in technical information assurance
Two places at the annual CREST technical conference, the UK’s leading conference devoted to technical security assessment
Invitation-only events run for CREST member companies
Because CREST requires a rigorous assessment of member companies’ business processes, data security and security testing methodologies, CREST member companies have a demonstrable level of assurance that their information security methodologies are able to provide their clients with a robust assessment of their information security posture.