1-Day Instructor-Led Programme
The XCREST Certification Programme is the practitioner standard for penetration testers whose work must meet UK government, NHS, and DORA-regulated financial sector standards β aligned to CREST methodology, NCSC CHECK principles, and PPN 014 government procurement requirements. Assessed on Day 6 through a supervised CREST-methodology penetration test against a government-representative target environment β no MCQs, methodology-first assessment.
Duration
1 Day
Price
$6,246
CREST is the accreditation standard that UK government, NHS, and regulated financial sector buyers require for penetration testing. PPN 014 (published February 2025) makes CREST accreditation mandatory for suppliers providing penetration testing to the UK government. DORA mandates CREST or CHECK-level testing for financial entity threat-led penetration testing. Without CREST-aligned methodology, penetration testers cannot win government contracts or DORA-compliant TLPT engagements. XCREST is built to close this gap.
Across six instructor-led days, XCREST covers the technical and methodological content that underpins CREST CRT and CCT-level capability: CREST Penetration Testing Standard methodology (updated February 2025 six-domain framework), infrastructure penetration testing at CREST scope, web application penetration testing at CREST scope, CREST-standard reporting, NCSC CHECK methodology for government system testing, and DORA TLPT engagement requirements for financial sector penetration testers. Participants who hold XEHP or equivalent will find XCREST the direct pathway to understanding CREST methodology before pursuing formal CREST examination.
On Day 6, participants conduct a supervised penetration test against a government-representative environment using documented CREST-aligned methodology. The senior practitioner assesses methodology quality, scope management, evidence capture, and report structure against CREST reporting standards. XCREST certificate and Practitioner Assessment Report issued. Aligned with CREST Penetration Testing Standard (February 2025 update), NCSC CHECK Technical Guidance for Testers (TGT), PTES, OWASP Testing Guide v4, PPN 014, DORA TLPT requirements, and NCSC Penetration Testing guidance.
Hands-on CREST-scope infrastructure and web application penetration testing exercises, CREST-standard evidence capture, NCSC CHECK-compliant report structure construction, and a supervised Day 6 CREST-methodology test.
Mentor-led sessions from a CREST-certified practitioner (CRT/CCT level) covering CREST examination methodology, government target testing considerations, NCSC CHECK process, and how DORA TLPT engagements are structured.
Conduct penetration tests aligned to CREST methodology and NCSC CHECK standards, produce CREST-standard reports, and demonstrate the professional methodology required for UK government, NHS, and DORA-regulated financial sector work.
Apply CREST Penetration Testing Standard (February 2025) methodology to structure, execute, and document penetration test engagements at government and financial sector standard
Conduct infrastructure and web application penetration testing aligned to CREST CRT and CCT scope requirements with CREST-standard evidence capture
Produce CREST-standard penetration test reports with finding documentation, risk ratings, evidence exhibits, and remediation recommendations that satisfy UK government and NHS procurement requirements
Apply NCSC CHECK Technical Guidance for Testers methodology to government system penetration testing engagements
Understand DORA TLPT requirements and structure penetration test engagements that satisfy EU financial entity operational resilience testing obligations
Navigate UK government penetration testing procurement including PPN 014 compliance, security clearance considerations, and CHECK Team Member career pathway
Completion of XEHP or equivalent penetration testing experience at practitioner level (minimum 2 years hands-on penetration testing)
Working knowledge of network infrastructure and web application penetration testing methodology and tooling
Understanding of professional penetration test report writing at intermediate level
Organized by professional domains with comprehensive coverage
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
Custom quotes for teams and organisations
We come to you. Training delivered at your workplace for teams of 6 or more.
Custom pricing based on:
No obligation. Response within 1 business day.
Classroom training at a professional venue. Ideal for focused, immersive learning.
Custom pricing based on:
No obligation. Response within 1 business day.
Combine online and in-person learning for maximum flexibility and impact.
Timeline tailored to learner availability
Custom pricing based on:
No obligation. Response within 1 business day.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Credential
On successful completion of XCREST β Xcademia CREST-Aligned Penetration Testing Practitioner , learners receive an Xcademia Certificate of Completion. This standalone certificate is issued directly by Xcademia and recognised by employers across the UK defence and security sector.
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
No. XCREST is a training and assessment programme aligned to CREST methodology β it is not an alternative to formal CREST examination. XCREST is designed to build the methodology knowledge and professional practice that CREST CRT and CCT examinations test, serving as direct preparation for practitioners pursuing formal CREST examination. XCREST holders are positioned to approach CREST CRT with well-developed methodology β something that crash-prep courses do not provide.
Take the next step in your professional development