OSCP vs CRT

lewis2018lewis2018 CCNA R&S, CCNA Sec, MSCA 2016, ITIL-F, PenTest+, Security+, LPIC-1, Linux+, OSCPMember Posts: 27 ■■■□□□□□□□
I've recently earned the OSCP cert and have begun to work toward Crest Registered Tester (CRT). Does anybody here have experience of sitting both exams?

I've heard from some that if you have OSCP then CRT is pretty easy.

Comments

  • deltzydeltzy Member Posts: 34 ■■■□□□□□□□
    I've got both. I initially got the OSCP and then you can go for the CRT Equivalency, see details here.

    Essentially you have to do the CREST CPSA Exam and then pay £100 to get the CREST CRT without the need to do the CRT exam. The CPSA exam is rubbish in my opinion, it's really broad in terms of it's content, not many study materials and the technology within the syllabus is outdated. It's multiple choice but not really hard, it's just hard to know when your ready for the exam.

    CISSP | OSCP | CREST CRT & CPSA | CCSKv4 | SEC + | CCENT | CISMP | AZ-900
    In Progress: CCSP, AZ-500

  • lewis2018lewis2018 CCNA R&S, CCNA Sec, MSCA 2016, ITIL-F, PenTest+, Security+, LPIC-1, Linux+, OSCP Member Posts: 27 ■■■□□□□□□□
    I've got the CPSA exam next week. I'm not really expecting too much trouble with it as i know it is a pretty junior level cert. I've looked into the CRT equivalency but unfortunately that path doesn't earn you CHECK status which is incredibly important in the UK. So annoyingly i have to sit the CRT too. I'm hoping sitting the CRT will be a breeze after only doing the OSCP a month ago.


    CPSA + CRT = CHECK
    CPSA + OSCP = CRT (no CHECK status awarded)


  • SteveLavoieSteveLavoie Member Posts: 829 ■■■■■■■□□□
    edited February 20
    Sorry for curiosity (sorry I am Canadian too eh),  What is the "CHECK" status?
  • lewis2018lewis2018 CCNA R&S, CCNA Sec, MSCA 2016, ITIL-F, PenTest+, Security+, LPIC-1, Linux+, OSCP Member Posts: 27 ■■■□□□□□□□
    CHECK is an approved UK government scheme that certifies you to be a either a member of a pen test team (CHECK Team Member) or a lead of a pen test team (CHECK Team Leader). Its very much sought after here just because it carries that seal of approval.


  • SteveLavoieSteveLavoie Member Posts: 829 ■■■■■■■□□□
    Thanks you @lewis2018!  I think it is a good initiative from UK government.   Does it have a good impact in the industry?
  • lewis2018lewis2018 CCNA R&S, CCNA Sec, MSCA 2016, ITIL-F, PenTest+, Security+, LPIC-1, Linux+, OSCP Member Posts: 27 ■■■□□□□□□□
    Kind of. Its nice to have an approved standard to work towards but I've heard some of the content that is tested is a bit dated. Also the OSCP is believed to be a harder certification to achieve but CREST CRT (and CHECK) is considered to be more important here
  • SteveLavoieSteveLavoie Member Posts: 829 ■■■■■■■□□□
    Well.. too often governement regulation lag . They are big machines and governement worker have too much office politics, red tapes and processus to be fast.
  • Mike7Mike7 Member Posts: 1,076 ■■■■□□□□□□
    An "advantage" of CREST exams over OSCP is that except for CPSA, all pentest exams are practical based and are conducted under supervision.  Despite offsec's best intentions, we still hear about OSCP who cheated, eg 

    OSCP may be harder than CRT, but CREST do have higher level exams that are more difficult
Sign In or Register to comment.