Penetration Testing mailing list archives
Re: Penetration testing professional certifications
From: Todd Haverkos <infosec () haverkos com>
Date: Tue, 16 Aug 2011 12:50:25 -0500
sapran <sapran () gmail com> writes:
Dear Penetration Testers, I am looking for advice of an experienced penetration testers regarding the certification path to choose. My goal and reason in taking a certification exam is not a certification by itself but the opportunity to learn from preparation materials, fill the gaps in skill set and experience, as well as align the expertise with current "best practices" in the field. I knew about CEH/LPT path from EC Council and SANS's GPEN before and I've discovered IACRB's CPT/CEPT lately, however I'm having hard time trying to assess them in comparison. I would appreciate any help in comparing the subject domains, expected effort and potential benefits of these certification as well as those I've not encountered yet. Maybe some results are already out there and you could share the links to related materials? Thank everyone in advance.
CEH->ECSA->LPT does not currently require a practical. CEPT requires a practical, iirc. SANS GPEN I'm not familiar with their requirements. The Advanced ethical hacking course I had with Jack Koziol (did the original Shellcoder's Handbook edition) from Infosec Institute where you could do ECSA/LPT and/or CEPT as options. http://infosecinstitute.com/courses/advanced_ethical_hacking_training.html Mindshare wise, I haven't run into many folks who have even heard of the CEPT, but their practical requirement at least at the time had as part of it fuzzing, finding vulns in a binary, reverse engineering, and exploit writing with stack and heap overflows. You'd definitely learn great stuff along the way. However, Offensive Security's OSCP course/cert really seem to be the gold standard out there there, and I haven't run into anyone who hasn't felt like they've learned a ton from it, and it holds the most cachet among penetration testers. It's very challenging. http://www.offensive-security.com/information-security-certifications/ Best Regards, -- Todd Haverkos http://haverkos.com/ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Penetration testing professional certifications sapran (Aug 16)
- RE: Penetration testing professional certifications John Babio (Aug 17)
- Message not available
- RE: Penetration testing professional certifications Majed Al Massari (Aug 17)
- Re: Penetration testing professional certifications Vedantam Sekhar (Aug 17)
- Re: Penetration testing professional certifications haZard0us (Aug 17)
- Re: Penetration testing professional certifications Prathan Phongthiproek (Aug 17)
- Re: Penetration testing professional certifications Todd Haverkos (Aug 17)