I'm wondering which certs to go after next, so any recommendations/ thoughts are welcome. Currently I'm holding Sec+, CEH and CCNA.

Some certifications I'm considering at the moment:

• Offensive Security Certified Professional (OSCP): Don't think there is much to tell about it. My only concern is time, which is pretty short since I'm a full time student as well as working as a security consultant.
• Offensive Security Wireless Professional (OSWP): The few reviews I read were all positive. Seems to be doable with little time as well. Only concern is about it's partly kind of outdated syllabus.
• GIAC Certified Penetration Tester (GPEN): Am I correct that I can't go for this exam through Pearson/ Prometric? Can you do self-study and go only for the exam?
• OSSTMM Professional Security Tester (OPST): Would be interested in this one too, but it seems here again that you have to do a class in order to go for the exam.
• Computer Hacking Forensic Investigator (CHFI)/ Licensed Penetration Tester (LPT): Well, since I already have the CEH it might be worth to get those as well. Not sure though..
• elearnsecurity's Certified Professional Penetration Tester (eCPPT): Sounds funny too, not sure about it's required skill level though. Since I'm already doing a lot of penetration testing this one might focus too much on more basic things.

Any thoughts on those or similar ones which would fit in? Time and money should be considered as well. Currently not interested in any Cisco, MS, Checkpoint and similar certifications.

Thanks for sharing your thoughts. OSCP is certainly something I'm going for, as well as OSCE (as well as AWE, when it becomes available as an online training ). Only have to decide when this will be. Since those are pretty time intensive and need a good portion of one's attention, I don't want to rush through it in order to just get the certificate but rather really devote my time for it.

CISSP is another one which I'm certainly getting, however, I'm still lacking the 5 years security related experience at this point. So this one has to wait some more time before getting absorbed.

GSEC isn't that interesting for me, since I see it more as an entry-level based cert. GPEN seems to fit better for me. I only found one Kryterion center in my country, though I'd have to travel about 4 hours to get there. SANS generally have quite a few other courses I'd be interested in (GREM, SECURITY 709/ 580/ 660/ ...) but they are just too expensive at the moment for me paying out of pocket.

I read Haddix' review, yes, that's one of the reasons why I'm considering it. I'll see if I can get a closer look at it and decide then. I also read the review about the OSWP you linked, which also points out the somehow outdated material I'm little worried about it. Nevertheless it's probably a great course and worth the money (equipment is already available, so no problem at this part).

Didn't think about the linux related certifications, good point.

What do you think about this route:
OSWP > elearnsecurity > OSCP

Or better switch OSWP and elearnsecurity? Guess GPEN would have to wait then too.

@chrisj


None of the GIAC certs are requirement for another with the exception of the GSE. You must have certain pre-reqs complete before you can sit for the GSE. They've recently revised the requirements. It used to be GSEC/GCIH/GCIA with at least two gold.You can find information about the current pre-reqs at:

http://www.giac.org/certifications/gse.php#prereq

But any other GIAC certification can be taken at any time with or without any other certifications.

@awesec

I really don't see that as a problem. With the exception of 1 AT&T / 2-wire device, all the other wireless networks I pick up in my office park are WEP based.

I view them as potential clients 

Get the cert, then use my laptop to track them down, then show them the problem with their network.

As far as the CISSP goes, you'll only need 4 years of experience since your Security+ drops a year off. Most people can scrounge that together with access controls and telecom/network security. You can also become an associate by passing the exam and then you'll become a full CISSP once you hit the experience requirements. It's a lot of material, so you might want to start working on it a little bit at a time. It sucks to work on exclusively *yawn*

I wouldn't recommend the GSEC to someone unless they were fairly new and had their company paying for it. I only did it because it's a GSE pre-req.

I'd do eLearn before the OSCP since it doesn't seem to be quite as involved. The wireless one can be fit in anywhere as it doesn't really have any bearing on the others. In between might make for a nice change of pace.


Right, I couldn't care less about the BT version. I want some more info on WPA/WPA2 and the various EAP types.


See, I've had the opposite experience. Nearly every business I work with has something stronger in place.

I've seen people do similar things and they are often not well received. Be sure to get permission before you actually do anything with their WAP.


Don't you get free updates? If so, I wouldn't use that as a reason to hold off. The only reason I recommended doing eLearn first is to really hammer the foundation home before doing the OSCP. The OSCP material is great, but they make a lot of assumptions with your previous knowledge. They don't teach you everything from the ground-up. I agree that the OSCP should be the end-goal.

I am a beginer in this field and I am taking the eLearnsecurity, it is good but in  your case with some exp go for OSCP, you will get more from that.

Hey chrisj,

I know you winked at the end of your 'potential clients' remark, but it is also worth mentioning that the business approach of finding security holes in wireless APs, then approaching the victim with a sales pitch is illegal. Even if you find some way around it, it's still rather unethical.

Be careful. Even if you're out there alone, you still represent us. 

Don