Hello fellow EH'ers,


I was wondering, how well are all the different certifications recognized by companies?

I know there's many different certifications, but lets include primarily penetration testing, security, and the most well known certifications.

I'd like to hear your list of top 10 most recognized certifications, so I can perhaps gain some knowledge of which I should pursue seen from a pure HR / company view and not a personal view of what I want to learn.

1. CISSP
3. CEH
4. Security+
5. GSEC & GPEN
7. OSCP & OSCE
8. eCPPT and / or Shodan (Heorot)
9.
10.

I might've missed some important ones, so please enlighten me, but also tell me your opinion about the 10 most recognized certifications.

Purely from an HR perspective...

1. CISSP
2. CISA/CISM
3. Security+
4. GSEC/GIAC
--
5. CEH

The reason I put the line before the CEH is because I don't think it's widely recognized by HR. I really don't think any of the others make the list yet.

I thought I'd post some information about a website that is pretty useful for tracking salary and trends related to demand/certification, it's UK based but lists average salary for certifications by region and more: http://www.itjobswatch.co.uk/

Here's a link for the CEH, if you scroll down you'll see the demand trend:

http://www.itjobswatch.co.uk/jobs/uk/ceh.do

and CISSP: http://www.itjobswatch.co.uk/jobs/uk/cissp.do

As far as HR requirements go for penetration testing, I'd say that the CEH is becoming more popular and recognised in the UK and surprisingly OSCP too. However, most UK based companies almost always request Tiger/CREST/CHECK certifications for pentesting.

CREST info: http://www.crest-approved.org/
CHECK info: http://www.cesg.gov.uk/products_services/iacs/check/index.shtml
Tiger info: http://www.tigerscheme.org/content.php?ID=2