So the CSWAE content isn't great, very basic but I thought it was somewhat acceptable and wholly representative of most of the other outdated and regurgitated content that so many other courses are guilty of. Until I got to the methodology for "ethical hacking" and saw they mentioned covering tracks and maintaining access. Real attackers do this and it's valuable for incident handlers to understand this, but when have any of you done this on real world pentests unless it was explicitly called out as a requirement by the customer? It annoyed me and I had to make a post about it. There have been other irritations as well but something like a methodology forms the underlying structure for everything you do on a test. This is really important stuff folks. If people are thinking this is what you are supposed to do on a test, then it's no wonder that my Pentest Quality Management side project has found so many glaring examples of stupidity. Are there other curriculums that bungle methodology like this?

The section on code review, had no code.  

And so many places it's painfully obvious the trainer has no clue what he's talking about. Also on the methodology section. "The OSSTMM is free, which is good (snip) ... (random chatter).. has some hints and some useful guidance as well."

Really? Has he even read the OSSTMM? It's an awesome document but what he's saying does not even begin to describe what you use OSSTMM for and that's all he has to say about it? There's so many other places like this where I have to question whether the guy has even done a pentest before. I'm into the pentest module now and I have to say a lot of this content has really entered the realm of "bad". I had tried to give the course the benefit of the doubt until now, in the hopes that a developer focused course might actually have useful technical content for a coding idiot like me but I have now lost all faith it will ever occur. I am debating just stopping here, pulling the trigger on the exam and getting back to reading The Tangled Web and WAHHv2. Much of this content is highly conceptual in nature with almost no practical examples. The 2 books I mentioned are proving to be a far far greater investment than a course like this could ever hope to be. I'm not even sure that a real review is worthwhile.

I'll sum CSWAE up with: "Check it out if it's free and you are bored, but don't spend any money on it" I'm sure glad Mile2 offered the course for free to govt employees last Sept because I'd be mad if I spent training dollars on it.

Note:  They said something about updating it soon...  Maybe it'll get better?  (Doubtful, but since I have access through said update time period...)

On that I will disagree with you Bill, I took the CPTE class when they offered it free to veterans, and I will sat the material trumped the CEH. Then again, I believe its one of their flagship products, so it be the best they have...

but if you would like more reviews, I think a little was mentioned in the posts around november when they had that going on.

The only problem with your comparison is that the CPTE should be beyond what the CEH is. The CPTS is their intro/entry hacking certification that should be compared to CEH. The CPTE, now the consultant something or other, is probably better aligned with ECSA/LPT (or GPEN, also on that level).

But it is good to hear something positive about them.