How well-known are these certs within the Pen-testing community?


(CPTE) Certified Pen-Testing Expert : Mile2
(CEPT) Certified Expert Pen-Tester : Infosec Institute
(LPT) Licensed Penetration Tester : Ec-Council


The curriculum for the first two follow similar lines, but the LPT seems to be hardly discussed anywhere on the net.  What are the reputations of these certifications?

Thanks.

Thanks Negrita for your response.  It looks like the Penetration Testing / Vulnerability Assessment circles haven't really come together in agreement between certain certification tracks.

The first 2 certifications seem to be proprietary tracks with specialized curriculum for the penetration tester.  The CPTE is the advanced penetration course offered by Mile2 training, while the CEPT is also an advanced penetration course ("replacing" the ECSA) offered by Infosec Institute. 

Most companies haven't recognized these certifications yet as pertaining to penetration testing which has me wondering if they'll be "embraced" at some point. 

I believe those three (LPT/ECSA, CEPT, CPTE) are the only advanced penetration certifications out there. 

Doesn't look like many know these at all and what's worse is that HR probably won't know these either. 

Just attended CEH training from InfoSec Institute.  Tons of labs and daily Capture the flag "Red Team" exercises at night. 

CEH tools were discussed, but newer & better tools were used for the labs.  They used a pen-testing model of instruction while incorporating CEH materials/tools into the course, rather than teaching a course on tools & slides.

Thumbs up for InfoSec Institute.


- charlottebandit

No, Jack didn't.  Jack teaches the Adv. class.

Tim Singletary taught the CEH, and also is one of the instructors for the CHFI.  I believe he also subs in for the Adv. class.  He will be coming out with a book later this year with several "proof of concept" vulnerabilities & more. 

He is/was a heavy hitter for DoD & other 3-letter agencies, but now consults and teaches.  Another thing I enjoyed was the fact that we ventured into penetration testing as if we had an experienced sysadmin or network security analyst as a foe/opponent rather than an inexperienced, clueless IT geek.  They raised the bar on us causing us to think before we assessed the systems without triggering off the IDS. 

OK, they switched on me. Mr. Whitaker is no longer the instructor. A last minute change puts Steve Kalman in the hot seat as instructor. Checking up on him, he wrote the Web Security Field Guide (a Cisco Press book) and has been in IT for over 30 years. He also has experience in forensics.

Not to hijack this thread any more than I already have, I'll keep you posted in my area of the study group.

Don