Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PWB - OSCP certification for newbies

From: Hari Sekhon <hpsekhon () googlemail com>
Date: Fri, 28 Aug 2009 09:26:26 +0100
Mau Bs wrote:

Hi.
I've been following both mailing lists for quite a while, and lately
I've seen many people suggest the offensive-security certification
Pentesting with Backtrack as a good place to start for learning some
basic skills in pentesting. I would like to know how you feel about
this suggestion. Also for you guys that have taken the course, what do
you consider is the minimum skill set needed to get the most of the
course/cert. I'm coursing my last year of my degree in Computer
Science.
If you're only doing a degree then this may go above your head, it's really aimed at more experienced professionals with a few years experience (and even then they often fail it). They do not explain basic things - you are expected to know them already and they assume that you have worked in IT for at least a few years and already have knowledge of multiple operating systems, networking, programming, databases, some security etc etc.
I'd say it's best for people already working in security really. I don't see there being enough of a future market to invest in this now as technology is basically closing all the holes as well as preventing the need for any more people to run IT (and there are a tonne of unemployed IT people with experience still looking for jobs that are also finding that IT's shrinking job market in the long term is causing them problems).
Yes I have an OSCP and yes it was tough as suggested. It actually put me off doing pentesting any more (although also because I had done enough of this I felt) as well as the fact that I am enjoying other aspects of IT more these days, they're less sleep deprived and hair-pulling (although after 5 years in IT I have no hair left to speak of anyway! ;-) ). 

-h

--
Hari Sekhon
http://www.linkedin.com/in/harisekhon


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 
http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: