Penetration Testing mailing list archives

CREST or TIGER?

From: EH <penetration1 () googlemail com>
Date: Wed, 17 Oct 2007 12:25:38 +0100

All, I would value your opinion.  I am trying to make a comparison
between the 'new kids on the block' in terms of pen tester
accreditation here in the UK, CREST and TIGERScheme,  for my
organisation.  So far I've come up with the following information.

                                      CREST            TIGER
An existing examination      No                  Yes
Independent of suppliers      No                  Yes
End user driven                   No                  Yes
Not for profit                       Yes?               Yes
Applicable to Individuals      Yes?              Yes
Company standards            Yes               Yes (CCTM)
Career path                        Yes?              Yes
University standard              No                Yes
It seems that the TIGER Scheme www.tigerscheme.org is fully up and
running and accrediting individuals already plus it is a University
based examination which CREST www.crest-approved.org is not.

I see from the CREST website that they are in support of the often
maligned multiple guess CEH examination and will 'grandfather'
individuals into the 'CREST approved' scheme if they have CEH.  Now I
am a CEH [amongst other things I hasten to add] and I sat the exam in
early 2003.  It was taken reasonably seriously then but it seems that
the pen test communities opinion of the cert has deprecated somewhat
over time ... so is CREST a re-branded EC-COUNCIL?  If so will they go
the same way?

To grandfather into TIGER at the lowest level of certification you
need an approved MSc in Computer Security.  Basically any certs I
recommend for my organisation I want to be taken seriously now and in
future. I am heavily leaning towards TIGER.

Your thoughts?

Thanks in advance.

EH

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Current thread:

CREST or TIGER? EH (Oct 18)
- Re: CREST or TIGER? Danny Fullerton (Oct 19)
  - RE: CREST or TIGER? Shenk, Jerry A (Oct 19)
  - Re: CREST or TIGER? mamo (Oct 21)
- Re: CREST or TIGER? Rory McCune (Oct 21)
- <Possible follow-ups>
- Re: Re: CREST or TIGER? cwright (Oct 19)
- Re: Re: Re: CREST or TIGER? cwright (Oct 19)
  - Re: CREST or TIGER? Danny Fullerton (Oct 20)
- Re: CREST or TIGER? cwright (Oct 20)
- RE: CREST or TIGER? Paul J Docherty (Oct 23)