EH-Net

Just started working on it, will try to keep it as updated as possible when time allows. *NOTE* JUST STARTED IT today so its not even 1/3 of the way done. I may add study guides, etc. like I said though, as time allows

http://infiltrated.net/TechnicalSecurityRoadmap.html# (http://infiltrated.net/TechnicalSecurityRoadmap.html#)

There's no management section yet? No CISSP or CISM?

C'mon, where are your priorities? ;)

Seriously though, that's a good start, J.

...........and no CEH  ;D ;D ;D ;D ;D How could you ???

Great start Sil.

;) I'm anti-management all the time. There are no specific classes I would recommend for golf or spreadsheets ;) I'm casual 24x7x365 != snooty && shirts || ties

Working on the others when time allows, like I said just started... I will likely add links directly from a cert to the proctors site, then tree it to suggested reading, etc.

Have you thought about writing a book?

As much as I write, I hate writing. A book from me would be incoherent since I come from different areas of security. I actually started a book two years ago but it was so scattered I gave up. ;) Besides the things I would write about would likely get me put on watchlists or some other form of trouble

ADDED (forgot to mention):
Updated the page with links... Still working on it

I know you are not done (so I am almost tempted to not say anything but I want to throw this out there). Where would you put GCIA? IMO that should be under a "network security" (the same thing with GCFW and GAWN).

You tree makes networking look very boring :) :) :)

I would place (likely going to) under Incident Response and Forensics as thats where it belongs ;) I haven't started on Network Security yet because I am likely going to do something NO ONE WILL LIKE and that is to post information relevant to CCNA/CCDP which teaches A LOT about networking from the protocol on up and includes security. While it is vendor specific, those two courses will teach you more about NETWORK security than the GCIA would. A network to me are OSI layers 1 - 4 and function outside of Windows/Linux, etc. Networking will also be forked into specifics, likely Firewalls, IDS/IPS and "Broad" for other certs like SANS' GCED, etc. still working on it.

I see.  That's interesting and I honestly never looked at it that way.  Thanks!

great but you missed the recent offensive-security certs, OSEE OSWE

and there're also Vivek certs from (SecurityTube.net) the python course is very important to be mentioned as an entry course.

i would also like to add Wireless section (Wireshark Cert, SecurityTube.net Cert, Offensive-Security OSWP) ..

keep going  ;)

Dont forget the Security University and Mile2 certs. Depending on how full you want to have the tree.

also the International Association of Computer Investigative Specialists (IACIS) cert for forensics.

Not willing to bother with Mile2 and this is why:

* Certified Penetration Testing Engineer (formerly CPTS)
* Certified Penetration Testing Consultant (formerly old CPTE)

Which would you perceive I should post? CPTC

They are a bit too scattered for me to browse through their information. I will go over Security University's offerings, but they too are a bit scattered for me. I will check out IACIS however, my list is based on a few criteria: I have heard about it, read about it, it is in demand (visible in say a Dice.com or Monster.com search) and it makes sense to me. There should be no reason why I would have to go to a "certification" giver and try to make sense of what they're offering. Under: http://mile2.com/mile2-courses.html they state one thing, then on the other page they state another: Course: CPTE followed by.... "formerly old CPTE" which is it? Let them sort it out.

I have mile2 CSWAE and truly it's not even worth mentioning (even if it is padding my sig)

:) I was trying to be politically nice ;)

lol. I suggested Mile2 because they are seen as better than the ECC line of certs. But we have yet to get a review of them, maybe ill see what I can do about that... anyway. There is a difference between the CPTE and CPTC, though I cant tell you what it is.

As far as SU, I know they are planning to clean up the site, though it may take them some time, they only have one person to work on it... anyway. Maybe both companies can be added sometime in the future, once they meet your criteria.

Now in a situation like this (mile2, SU. SecurityCertified) I don't even wanna pull a trump card because they have their place in the industry that I don't want to get involved in. None of the three map to any DoD 8750 so the reality is, I won't bother. Aside from that, I wouldn't want anyone coming around to me saying: "man that really sucked", "they robbed me blind", etc., etc., etc. Bad enough I threw ECC up there