Hi T_Bone

In the UK most Pen Testing Jobs require that you have CHECK Team Member status or you cannot do any government work. You can become a CHECK member by passing the CHECK Assault Course, be British and eligible for SC or you need to be CREST certified. I understand that there is some interoperability between the two organisations in accepting each others qualifications. Although it is worth noting that you can do a CREST cert. as an individual whereas you need to be part of a CHECK Team/company for the CHECK cert.

  I find the best thing to do is search for Penetration Tester on http://www.Jobserve.com and try and decide which route to take based on what the available jobs are looking for ....


Hope this helps !

Krizzc
MCSE:Security, C|EH

If you become a CREST approved tester, you also recieve your Check team leader status at the same time (vis CREST).  The Check Approved scheme was setup to ensure quality (or both the tester and company) when performing pen tests on goverment site.  However, there was nothing similar for the private sector and Check Team Leader / CHECK Approved because the de facto standard for both private and public sector.  This was never the goal of Check approved, and apart from setting some kind of minimum standard for the skill of the pen tester, the other elements of CHECK wouldnt apply to the private sector.  So, CREST was born.  CREST has been ratified by CHECK so any CREST approved team leader will also become a CHECK team leader  Unless you are a current check team leader or work for a check approved company, it is impossible for you to take CHECK team leader exam.  SO, the new standard is CREST - CREST approved consultant & CREST approved company. 

The CREST exam is both a written exam and a practical exam across their syllabus.  For info on the CREST technical syllabus, see :

http://www.crest-approved.org/Pages/ExamBooking.html

I hope that helps, let me know if you need any more info.

If nothing else, TigerScheme definitely sounds sexier than CEH or even OSCP. 

John L. Smith, TigerScheme, Rawr!

Hi T_Bone,  nope, I havent done crest yet but I am currently studing for it.  I will post back here with an update of how it compares.

T_Bone,

I had planned on taking it in July, however, if i get on the offsec 'cracking the perimeter' course it will be longer ;o)

You mentioned that a friend of yours has taken the test already?  Perhaps you could hit him up for some tips and post them?

Did you decide what cert you are going for?

Hi,

I was wondering if i have to become CREST certified, were do i start from. I have seen the ciriculum, is their any books or reference guides that i can use.

Your help is really appreciated.

-s