Penetration Testing mailing list archives

Re: OSCP

From: christopher.riley () r-it at
Date: Fri, 12 Dec 2008 12:32:04 +0100

If you actually do real security, OSCP is a bullshit cert just like
CEH, CNOP, SCNA, GSE, et al.  Anything SANS or ISC2 is crap.  All of
these certs mean absolutely nothing if you dig deep into the actual
meaning behind them.

Just out of interest, have you actually done any of the training that you
think is "crap". Having been through some of the training you mention
(some of it good, some of it bad) I would disagree with your broad
assumption. Have you ever actually met somebody with a GSE for example.
It's not an easy qualification to achieve. The courses you mentioned are
designed to educate in a specific area and not be a wide ranging (but thin
on information) course like the CISSP (and other) training appears to be.

The question I have is what do you class as "real security". I work as a
penetration tester and can say from my side that CEH is not a good course
(in regards to preparing you for working in the ethical hacking field),
however the SANS classes (SEC:560, SEC:504, SEC:709, SEC:542, etc...) do
provide a great deal of information. No training course or certificate is
going to guarantee a person is fit for the job, but dismissing them all as
"crap" is in my opinion unfounded.

Just my 2 cents....

Chris John Riley

----------------------------------------
Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien, DVR 0486809, UID ATU 16351908

Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail dient ausschliesslich Informationszwecken.
Rechtsgeschaeftliche Erklaerungen duerfen ueber dieses Medium nicht ausgetauscht werden.
Correspondence with above mentioned sender via e-mail is only for information purposes. This medium may not be used for
exchange of legally-binding communications.
----------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

Current thread:

RE: OSCP Al Rivas (Dec 03)
- Re: OSCP Terry Cutler (Dec 05)
- Re: OSCP Andre Gironda (Dec 05)
- Re: OSCP Nick (Dec 05)
- <Possible follow-ups>
- Re: OSCP christopher . riley (Dec 12)
  - Re: OSCP Andre Gironda (Dec 12)
    - Re: OSCP Chris Griffin (Dec 12)
    - Re: OSCP Andre Gironda (Dec 13)
    - Re: OSCP christopher . riley (Dec 15)
    - Re: OSCP Gichuki John (Dec 16)
    - RE: OSCP Eduardo Di Monte (Dec 18)
    - RE: OSCP christopher . riley (Dec 18)
    - Re: OSCP JB (Dec 18)
    - Re: OSCP s0h0us (Dec 19)
    - Re: OSCP Taras P. Ivashchenko (Dec 18)

(Thread continues...)