CREST Accredited Training Courses

Below are details of courses that CREST has assessed and accredited as aligning with a CREST examination syllabus.  Please click on the relevant link to read more detail.

4armed4ARMED
Course Title:  App Sec Hacker
Course Length:  2 days
Web Link:  https://www.4armed.com/educate/app-sec-hacker/
Useful preparation for:  CREST Certified Web Applications Tester

CREST Overview
The App Sec Hacker course provides a mixture of application theory and practical knowledge with an emphasis on learning by example and then trying it out for yourself.  The extensive labs cover most of what you would expect from a course designed around the CREST syllabus and provides a good learning ground for application level vulnerabilities.

The trainers are ex-developers and provide a great deal of experience and real-world labs and the course is updated based on industry findings and developments.

Being an application focused course, the relevant infrastructure components of the Web Applications syllabus are not covered, however the course is not intended for this purpose.

The course is set over two days, however it could easily be longer based on the labs alone and would be suitable for candidates in their mid to late revision cycle or those up for a challenge.

Click here for more course details.

7safe-logo-pa7SAFE
Course Title:  Certified Application Security Tester (CAST)
Course Length:  4 days
Web Link: https://www.7safe.com/professional-development/certified-digital-forensics-courses/details/cast-advanced-application-security-testing-hands-on
Useful preparation for:     CREST Certified Web Applications Tester

CREST Overview
The CAST course is billed as an advanced application security course and as such a number of pre-requisites are recommended before attendance. The advanced nature of the course means a number of topics are not included, however these topics are generally in line with the intended audience.

The course is heavily weighted towards practical components of the CREST Web Applications syllabus and theory is learned through a combination of presentation slides and practical labs. Being an application focused course the relevant infrastructure components of the Web Applications syllabus are not covered, however the course is not intended for this purpose.

It is difficult for a course of this length to cover all components of the CREST Web Applications syllabus and this is the case with CAST. However the labs are excellent, particularly the several practical exercises on SQL Injection and Cross Site Scripting.

This course provides useful practical experience and would benefit a suitable experienced consultant or developer as part of a structured learning programme towards the CREST Web Applications certification.

Click here for more course details.


7safe-logo-pa7SAFE

Course Title:
  Certified Wireless Security Analyst (CWSA)
Course Length:  2 days
Web Link:   https://www.7safe.com/professional-development/certified-digital-forensics-courses/details/cwsa—wireless-security
Useful preparation for:     CREST Certified Wireless Specialist / CREST Registered Penetration Tester (wireless elements)

CREST Overview
The CREST Certified Wireless Specialist examination is heavily focussed on 802.11; in fact no other wireless technologies are covered.  The course covers this topic well and provides a good introduction to candidates on the tools used to assess the security of 802.11 networks. More advanced topic on cracking wireless encryption mechanisms are included and practical exercises provide the requisite experience in these areas.  Additionally enterprise security content, complete with an example lab, is included.
The CREST Wireless Specialist syllabus covers a wide range of wireless technologies and as such any recommendation for this course should be viewed in the guise of 802.11 networks only (Appendix F).

Click here for more course details.


7safe-logo-pa7SAFE

Course Title:
  Certified Security Testing Associate (CSTA)
Course Length:  4 days
Web Link:  https://www.7safe.com/professional-development/certified-digital-forensics-courses/details/csta—ethical-hacking
Useful preparation for:  CREST Registered Penetration Tester (Infrastructure elements)

CREST Overview
This course is aimed at candidates focusing on the CREST CRT certification.  It concentrates on infrastructure components of the syllabus with application security covered in a separate course (CSTP).

The course covers a wide range of topics, many of which are echoed on the CRT syllabus however it cannot considered exhaustive with a number of key components not covered; in particular content related to Appendix F Unix Security, should be reviewed.

Although a very hands on course it would benefit from discussing or at least documenting Appendix A of the CREST syllabus.  The course is aimed at CRT level testers and as such an understanding of law and compliance and the importance of reporting should be covered.  To that effect, syllabus content in Appendix A should be reviewed.

Overall this has been classed as borderline recommendation of this course.  Some basic content is not covered however it does provide an entry level into CRT revision and the practicals would be of great benefit.

It is important to stress to candidates seeking CRT related courses that this course only covers the infrastructure components of the exam.

Click here for more course details.


7safe-logo-pa7SAFE

Course Title:
  Certified Security Testing Professional (CSTP)
Course Length:  2 days
Web Link: https://www.7safe.com/professional-development/certified-digital-forensics-courses/details/CSTP_ethical_web_application_hacking
Useful preparation for:  CREST Registered Penetration Tester / CREST Certified Web Applications Tester

CREST Overview
The CSTP course is heavily aligned with the OWASP Top 10 of 2013 with each section of the course explaining the individual OWASP issue and backing up the theory with the practical exercises. Obviously a great deal of the issues in the OWASP list align with the application components in the CREST CRT syllabus, however it is not exhaustive.

From a practical standpoint the course excels and the practical exercises would be of great benefit to CRT level candidates. Practicals include comprehensive SQL and Cross Site Scripting labs, exercises on Session Management and Authentication as well as other OWASP categories.

From a practical standpoint this course is recommended for candidates at the CRT level and provides a good level of coverage for a candidates aiming to improve their web application skills.

It is important to note that 7Safe provides two courses aimed at the CRT level; one application and one infrastructure.  No infrastructure is included in this course.

Click here for more course details.


7safe-logo-pa7SAFE

Course Title:  Malware Investigations (CMI) – hands on
Course Length:  4 days
Web Link:  https://www.7safe.com/professional-development/certified-digital-forensics-courses/details/cmi-malware-investigation-training
Useful preparation for:  CREST Registered Intrusion Analyst

CREST Overview
The CMI course aims to align to the CREST Registered Intrusion Analysis qualification and does cover a number of topics that would be useful in preparation for this exam.

It is by no way exhaustive, as it is difficult for any course of this length to be, however through a combination of both theory and practical exercises common techniques for malware analysis are discussed.

The course would benefit candidates embarking on their journey towards CRIA, however it would not be suited to those seeking a more advanced level of instruction, particularly in areas such as network intrusion analysis.

It is important to note that the course has not been specifically designed to cover all topics of the CREST syllabus and as such a number of pre-requisites should be satisfied by candidates undertaking this training, as time restrictions prohibit the coverage of a number of core areas such as Section B and Section C of the CRIA syllabus.

Click here for more course details.


7safe-logo-pa7SAFE

Course Title:  Advanced Forensic Investigation (CFIS) – hands on
Course Length:  4 days
Web Link:  https://www.7safe.com/professional-development/certified-digital-forensics-courses/details/cfis-advanced-forensic-investigation
Useful preparation for:  CREST Certified Host Intrusion Analyst

CREST Overview
The CFIS course covers a number of areas useful for candidates preparing for their CCHIA exam. Candidates should be aware that the course is not exhaustive and expects a good level of forensics/intrusion knowledge before attending.

The course has not been designed specifically to align to the CREST syllabus and would be best suited to candidates embarking on their journey towards CC HIA.

Click here for more course details.

All of the 7Safe training courses are eligible for funding from the Tech Partnership Training Fund.

infosecskillslogoInfoSec Skills
Course Title:  Intrusion Analysis and Digital Forensics Essentials (IADFE)
Course Length:  5 days
Web Link:  https://www.infosecskills.com/products/kits/intrusion-analysis-digital-forensics-essentials-iadfe
Useful preparation for:  CREST Registered Intrusion Analyst

CREST Overview
The course material suggests that candidates complete the course modules and attempt the examination within a three-month period. Multiple study options are available.

The course quality is good and is structured in a manner which closely follows the CREST syllabus.  It covers each section in detail and discusses every topic in reasonable depth, highlighting to candidates whether the topic will be assessed in Multiple Choice or in Practical. The online supporting material is also good, with quizzes and feedback provided on all answers (right or wrong).  Previous CRIA candidates believe that the practical topics too are relevant and appropriate.

In conclusion, candidates who complete this course will gain a good grounding in all of the CREST CRIA syllabus requirements.

Click here for more course details.

infosecskillslogoInfoSec Skills
Course Title:  Practitioners Certificate in Information Assurance Architecture
Course Length:  5 days
Web Link: https://www.infosecskills.com/…
Useful preparation for:  CREST Registered Technical Security Architect

This course is recommended as useful preparation for the CR TSA qualification.

Click here for more course details.

icsi-logoInternational CyberSecurity Institute (ICSI)
Course Title:
 Certified Penetration Tester (ICSI | CPT)
Course Length:  4 days
Web Link:  http://www.icsi.co.uk/cpt.html
Useful preparation for:  CREST Registered Penetration Tester

CREST Overview

The ICSI CPT course aligns quite closely to the CRT syllabus with a number of the key topics covered.The course has a good variety of classroom based learning, demonstrations and practical exercises to work through, although as with most courses, three days cannot provide exhaustive coverage of all penetration testing topics.

The course concentrates on infrastructure and in some aspects exceeds the knowledge required for CRT.  Web application components of the syllabus, although mentioned, are not covered in any great depth, however this is not the focus of the course.

Overall this course is recommended for candidates at the earlier stages of their pen testing career, on the way to their CRT qualification and as part of a structured revision programme.

Click here for more course details.

IRM_logo V11 no bgIRM
Course Title:  Cyber Scheme Team Member
Length of Course:  5 days
Web Link: http://info.irmsecurity.com/cyber-scheme-team-member
Useful preparation for:  CREST Registered Penetration Tester

CREST Overview
The course provides a good grounding in the knowledge and skills required of a CREST CRT consultant. It is not by any means exhaustive, however no course of this length can be. It covers a wide range of topics, a large many of which are pre-requisite knowledge for anyone in the process of studying for the CRT qualification.

The practical aspects of the course would be of great benefit to CRT ready consultants and allow practical knowledge to be thoroughly tested or experience on unfamiliar topics to be gained.

The course does not concentrate solely on the technical but also provides a good introduction to the soft skills and assessment management skills required of a competent CRT consultant.

Overall this course would benefit a candidate as part of a structured revision programme and will assist in highlighting areas of deficiencies and focus further revision. This course has been given a recommend rating.

Click here for more course details.

MDSec Consulting Ltd

MDSec
Course Title:
  Web Application Hacker’s Handbook, Live Edition
Course Length:  2 days
Web Link: https://www.mdsec.co.uk/education/wahh-live-training/
Useful preparation for:  CREST Certified Infrastructure Tester (CCT INF) / CREST Certified Web Applications Tester

CREST Overview
This course has frequently been recommended by candidates who have taken both the CREST CCT Infrastructure and CCT Web Applications exams.

Click here for more course details.

NST logoNET SECURITY TRAINING
Course Title:  
C-Registered Penetration Tester
Course Length:  
10 days
Web Link:  
https://www.net-security-training.co.uk/crest-registered-tester-crt/
Useful preparation for:  CREST Practitioner Security Analyst / CREST Registered Penetration Tester

The Network Security C-RPT course aims to cover a large breadth of material encompassing a wide range of topics from the CREST CPSA and CRT syllabus and to a large extent delivers.

The course is split in to two 5 day courses; one of which concentrates on Infrastructure security, the other on Application. Each of the courses can be taken independently, however, to get the breadth of coverage across both syllabuses, Network Security recommends both.

The course is structured such that CREST syllabus elements are easily identifiable and the depth of coverage is reasonable including labs to demonstrate key concepts.

Pre-requisites are essential, as it is not possible to provide complete coverage of all topics. With this in mind, it is recommended that candidates have good grounding in CPSA topics beforehand, as the complexity of content can ramp up quickly.

To summarize the course provides a good breadth of CREST topics, including theory and practical and would be suitable as part of a structured learning programme towards the CREST CPSA and CRT exams.

Click here for more course details