Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CEPT

From: Todd Haverkos <infosec () haverkos com>
Date: Wed, 08 Dec 2010 09:10:54 -0600
Nick <godaemon () gmail com> writes:


Hi all,
I am interested in taking CEPT from :
http://www.iacertification.org/cept_certified_expert_penetration_tester.html


From people from US, whats the value the market of this certification,

does anyone knows an average salary?


I'll toss in a few pennies -- I've heard of it before, and it was
offered as an option (along with EC Council ECSA/LPT) in this
_excellent_ course taught by Jack Koziol who put together the original
edition of the shellcoder's handbook:
        http://www.infosecinstitute.com/courses/advanced_hacking_online.html

I know that that particular class was very valuable for me, and that
the practical that was required for obtaining the CEPT cert involved
time after the course looked decently challenging.  I opted to pass on
the CEPT cert though -- I simply didn't have time for the practical in
the busy-for-consulting fourth quarter with holidays when it was due,
and, since no one seems to talk about that CEPT, losing sleep to make
it happen wasn't a priority for me.

If it's a cert specifically that you're looking for that has some name
recognition as well as a practical requirement, the most talked about
and challenging one I see discussed is OSCP.
http://www.offensive-security.com/information-security-certifications/
SANS GPEN also seems well known (and I assume has a practical
requirement?).  EC Council's LPT is similar in name and is well known,
but it does not currently have a practical requirement.

If it's actual knowledge you're seeking, and you've found a quality
class in a place your employer will pay you to go, with a good
instructor that just happens to align itself with CEPT, I definitely
wouldn't rule it out simply because CEPT doesn't have a ton of
mindshare out there.  After all, it's what you know and have actually
done that should matter in the hiring process, and no one magical
certification has emerged in this industry as an absolute must-have.
Having some certification of any flavor will be a plus in getting you
an interview, but being able to answer technical questions based on
actual experience are usually what get you the job.

Finally, as for salary range, having CEPT I would safely say isn't
going to modulate your salary much if at all--it's simply not well
known enough.  Knowing what it takes to get a CEPT, assuming good
communication skills, and relevant industry experience, however, I'd
have to think should put you safely in the > $80k range, and more
likely into 6 figures if I had to guess.

Hope this helps!  Ethicalhacker.net also has forums about various
certs that'd be worth checking out.

--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: