TR: InfoSec certification EC/BackTrack?

["Rivest, Philippe" <Rivestp () metro ca>]

I dont want to burst the bubble for CEH but I have it and I think it's almost worthless. They show you how to use a few 
hundread of tools for super specific things (like a tool that gets ONLY the emails from a web site, like a spider 
tool). 


The sheer number of tools that is given in that 5 day training means that you don't understand or master any of them. 
Furthermore I have the feeling that we did not explore deep enough the technical part of ANY of these tools or 
technique.

To me, basically, this cert was 4.5k down the drain. It did help me get a new job, IT DOES help the moral and it helps 
figure out how good you already are (or not). But beside that, I think its not worth it for any experienced person (I 
was a low/intermediate security analyst).


Hope this helps save money or get a better ID.

-----Message d'origine-----
De : listbounce () securityfocus com [mailto:listbounce () securityfocus com] De la part de Danux
Envoyé : mardi 4 mars 2008 12:28
À : 11ack3r
Cc : pen-test () securityfocus com
Objet : Re: InfoSec certification EC/BackTrack?

You should seriously check Security 101 from BackTrack guys!!!!!
You said its risky but think about ISC2, CORE IMPACT and SAINT who has
support this excellent certification.

Finally its a hands on cert, you will learn how to create exploits nor
only use security tools like CEH!!!!

Cheers!!!!

On Tue, Mar 4, 2008 at 4:33 AM, 11ack3r <11ack3r () gmail com> wrote:
> Hi List
>
>   What would be a good certification for a newcomer to start a career in
>   InfoSec? I've heard of CEH/ECSA/LPT but then I haven't had great
>   review about it from the list. The place where we are SANS doesn't
>   offer any course around. SANS Pen-Test course although is available on
>   demand, it costs $3500 which is well too much for guys in my
>   country... I've heard of something from Back Track guys.. looks
>   promising... but risky too at the same time...
>
>   what certification would be most rewarding to get a good job?
>
>   Looking forward to your replies.
>
>   Thanks
>
>  ------------------------------------------------------------------------
>  This list is sponsored by: Cenzic
>
>  Need to secure your web apps NOW?
>  Cenzic finds more, "real" vulnerabilities fast.
>  Click to try it, buy it or download a solution FREE today!
>
>  http://www.cenzic.com/downloads
>  ------------------------------------------------------------------------



-- 
Danux, CISSP, OSCP, ISO27001
Offensive Security Consultant
Macula Security Consulting Group
www.macula-group.com

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------