The CREST Practitioner Security Analyst (CPSA is the perfect entry point for aspiring penetration testers and cyber security consultants. Designed to build a strong foundation, this course equips you with the essential knowledge and hands-on skills to assess network and system security, identify vulnerabilities, and support advanced testing activities.

Recognised globally, the CPSA certification is highly valued by employers and marks the first step in CREST’s Penetration Testing career pathway. You’ll receive expert-led training, practical experience, and the guidance needed to progress in your cyber security journey.

This course is also beneficial for junior professionals in other technical roles who support cyber security teams. By gaining CPSA-level skills, they’ll be better equipped to assist senior colleagues in penetration testing and red team operations.

Upcoming course dates

Please check back soon.

Who should attend?

Information Security Specialists
Professionals responsible for safeguarding organisational assets who want to deepen their understanding of offensive security techniques to better anticipate and defend against threats.

Penetration Testers
Individuals conducting security assessments who wish to gain a recognised certification and enhance their methodology with CREST-aligned practices.

Security Assessors
Those involved in evaluating the security posture of systems and networks, looking to add hands-on testing capabilities to their analytical toolkit.

Junior Red Team or Penetration Testing Team Members
Early-career professionals working within offensive security teams who need foundational knowledge and practical skills to support senior testers and contribute effectively to engagements.

Learning outcomes

Demonstrate use of current techniques used by industry qualified cyber-security penetration testers.
Analyse an organisation’s communication networks through the eyes of an attacker.
Determine and highlight various risks associated with security testing.
Interpret vulnerability scan results to identify vulnerabilities and their levels of criticality in relation to an organisation.
Conduct application vulnerability assessments and understanding their results.
Remotely exploit and establish persistence on a target.
Identify cyber security threats which may jeopardize the organization or its stakeholders’ interests.
Learn how to manage operational stakeholders.
Present clear and concise technical documentation to technical and non-technical third parties.

Prerequisites

To get the most out of this course, participants should have a solid understanding of core technical concepts related to IT and cyber security. We strongly recommend completing a Security Fundamentals course beforehand, as it provides the foundational knowledge needed to fully engage with the CPSA material and practical exercises.

This ensures you're well-prepared to grasp key topics such as network protocols, operating systems, and basic security principles - critical for success in penetration testing and ethical hacking.

Syllabus

This training can be tailored to an industry or for a defined audience with various durations. Example topics typically include:

Penetration Testing
Understanding Risk Requirements
Defining the ‘Scope’
Planning and Management
Hacker Methodologies
Networking
Scanning
ARP
DNS
Malware
Malware Taxonomy
Malware Analysis
Scanning and Enumeration
Scanning
Encryption
Vulnerabilities
Exploitation
Metasploit
Web Application Vulnerabilities
Social Engineering
Vulnerability Scanners
Report Writing
Security Policies
CPSA Practice Exam Preparation
PGI Assessment

Emerging threats

Cyber security

Online platforms

Insights

About us

CREST Practitioner Security Analyst (CREST CPSA)

Our CREST-Approved CPSA training provides participants with the essential skills to confidently contribute as junior professionals within Penetration Testing or Red Team operations.

Upcoming course dates

Find out how we can help

How can we help?

How did you hear about us?

Do you have any questions?