something that worked for me recently, slide this under management (in my case several directors) doors.

http://www.softwarequalityconnection.com/2011/05/i-like-my-it-budget-tight-and-my-developers-stupid/

I agree! That article is incredible!

I think the same, 50% is good.

Awesome article, thanks Chris. :-)

The most my employer paid for was a mandatory $50 "strength finders" book which basically just told me my top strengths are that I'm a "quick learner" and have "adaptability". lol

Neither. I would shoot for the OSCP. And if your ok with spending 3K+ I would consider SANS GPEN. It all depends on your goals.

My opinion, I would do the CPTE, 1, so we can get the review, 2, with the training they are providing, you could likely go challenge and pass the CEH.

I haven't read the replies here, but, I'll give my take on CEH.  No offense to anyone that has one, but I found it to be a pretty good waste of time.  Now, I took the v3 or v4 CEH exam, but I found it to be one of those silly memorization tests.

What port does this backdoor run on?
What flag do you use in nmap to perform an OS fingerprit scan?

Seems to be a serious abundance of these types of questions, where I wanted to answer "google" or "that's what --help is for".  I feel like these exams are fairly worthless, especially for what you pay.  You might get SOME decent knowledge about actual "ethical hacking", but it's sparse compared to the menial flags and stuff you have to memorize.

I was excited when I first passed the exam, but quickly realized I wouldn't be paying to take it again.  The CPE system was not in place after I took my initial exam, so I would have had to take the exam again... won't waste my time.

Try to find something that's more hands-on, and actually gives you practical skills for penetrating apps and networks.  Memorizing a bunch of ports isn't going to get you there.

IMHO, YMMV, ICUP, etc...

Somewhat. I wouldnt agree with "CEH is not worth the paper it's printed on".