Penetration Testing mailing list archives
Re: CEPT
From: Todd Haverkos <infosec () haverkos com>
Date: Wed, 08 Dec 2010 09:10:54 -0600
Nick <godaemon () gmail com> writes:
Hi all, I am interested in taking CEPT from : http://www.iacertification.org/cept_certified_expert_penetration_tester.htmlFrom people from US, whats the value the market of this certification,does anyone knows an average salary?
I'll toss in a few pennies -- I've heard of it before, and it was offered as an option (along with EC Council ECSA/LPT) in this _excellent_ course taught by Jack Koziol who put together the original edition of the shellcoder's handbook: http://www.infosecinstitute.com/courses/advanced_hacking_online.html I know that that particular class was very valuable for me, and that the practical that was required for obtaining the CEPT cert involved time after the course looked decently challenging. I opted to pass on the CEPT cert though -- I simply didn't have time for the practical in the busy-for-consulting fourth quarter with holidays when it was due, and, since no one seems to talk about that CEPT, losing sleep to make it happen wasn't a priority for me. If it's a cert specifically that you're looking for that has some name recognition as well as a practical requirement, the most talked about and challenging one I see discussed is OSCP. http://www.offensive-security.com/information-security-certifications/ SANS GPEN also seems well known (and I assume has a practical requirement?). EC Council's LPT is similar in name and is well known, but it does not currently have a practical requirement. If it's actual knowledge you're seeking, and you've found a quality class in a place your employer will pay you to go, with a good instructor that just happens to align itself with CEPT, I definitely wouldn't rule it out simply because CEPT doesn't have a ton of mindshare out there. After all, it's what you know and have actually done that should matter in the hiring process, and no one magical certification has emerged in this industry as an absolute must-have. Having some certification of any flavor will be a plus in getting you an interview, but being able to answer technical questions based on actual experience are usually what get you the job. Finally, as for salary range, having CEPT I would safely say isn't going to modulate your salary much if at all--it's simply not well known enough. Knowing what it takes to get a CEPT, assuming good communication skills, and relevant industry experience, however, I'd have to think should put you safely in the > $80k range, and more likely into 6 figures if I had to guess. Hope this helps! Ethicalhacker.net also has forums about various certs that'd be worth checking out. -- Todd Haverkos, LPT MsCompE http://haverkos.com/ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------