certifications dilema

Viewing 8 reply threads
  • Author
    Posts
    • #7650
      Bushman4u
      Participant

      Hi guys,

      Here are a few certs that I can find with their respective training institutions. They all look sexy and self proclaimed as being the best cert.

      CPTC – Certified Penetration Testing Consultant 25421
      CPTE – Certified Penetration Testing Engineer 34894
      CSTA – Certified Security Testing Associate         3614
      GPEN – GIAC Certified Penetration Tester         33170
      OSCP – Offensive Security Certified Professional 36097
      CEH – Certified Ethical Hacker                         90494
      ECSA – EC-Council Certified Security Analyst 29890
      CEPT – Certified Expert Penetration Tester            26267

      However, the question I have been wrestling with is which one of these ethical hacking or pentesting certifications and trainings truly and genuinely offer the best material in the world? Categorizing them in the best being 1, how would you rank them in term of quality, depth, practicality and maturity?
      I have only taken SANS training but have read a lot about the other ones’ testimonies, reviews and talk to a few friends who have taken for example OSCP and CEH.

      Could any one of you guys attempt to answer this question if you have taken a few of these courses and certs. Please provide some comparisons if you wish on tools covered, instructors’ experience, labs setup and etc.

      I am excited to hear from you and would like to thank you in advanced.

    • #47761
      cyber.spirit
      Participant

      OSCP and CEH is great but OSCP is more professional and its harder…..

    • #47762
      UNIX
      Participant

      From the ones you have listed, I’d say OSCP and CEPT. GPEN is popular as well, but based on your signature, it seems you already have it. If you want something for HR, you can also add CEH.

    • #47763
      Bushman4u
      Participant

      A thank you to though who have responded so far.

      However, I should add that I am not really interested in the HR or job hunt certs. I must say that even though all of us would like the pay but I am more into a REALY STUFF! I am interested in skills development, personal challenge and self satistifaction.

    • #47764
      cd1zz
      Participant

      offsec

    • #47765
      DragonGorge
      Participant

      @Bushman wrote:

      However, I should add that I am not really interested in the HR or job hunt certs. I must say that even though all of us would like the pay but I am more into a REALY STUFF! I am interested in skills development, personal challenge and self satistifaction.

      In that case I’d stick with OSCP. You’re not going to get a whole lot of depth in CEH – “Mile wide and a foot deep”

    • #47766
      MaXe
      Participant

      If you’re in India and you need a job, CEH. Keep in mind they require a clean criminal record and I think they also require 2 years of IT-security experience or related at least.

      If this is not your situation, and you really want to learn what pentesting is about, well, at least the basics that is, it’s definitely OSCP you have to do. CEH won’t teach you pentesting. It’s a mile wide but only a foot deep, while OSCP is a foot wide (pentesting) but a mile deep.

      Keep in mind that a “foot wide” in OSCP, doesn’t mean it covers only a few things, as OSCP (i.e. PWB) covers almost or perhaps just everything within penetration testing pretty much. Except hardcore exploit development, they have other courses for that  ;D

    • #47767
      tturner
      Participant

      I’d beg to differ on the whole mile wide, foot deep thing. Based on my conversations with CEH candidates, I tend to think CEH is only a foot wide, and about an inch deep. The exception to the width comment is that it seems CEH teaches you 20 tools to perform one task that you will likely only ever use 2 or 3 tools for. If that’s what HR is looking for, by all means do what you have to do, but I’d prepare for disappointment if you were hoping to learn anything useful. The one thing CEH has going for it is marketing/name recognition and the other players lag behind here, regardless of their technical value.

    • #47768
      UNIX
      Participant

      @Bushman wrote:

      However, I should add that I am not really interested in the HR or job hunt certs. I must say that even though all of us would like the pay but I am more into a REALY STUFF! I am interested in skills development, personal challenge and self satistifaction.

      I’d go with OSCP and CEPT.

      @MaXe wrote:

      Keep in mind that a “foot wide” in OSCP, doesn’t mean it covers only a few things, as OSCP (i.e. PWB) covers almost or perhaps just everything within penetration testing pretty much. Except hardcore exploit development, they have other courses for that  ;D

      Although Mati and crew did – without a doubt – a great job, saying or thinking that PWB (or any other course) teaches (almost) everything about penetration testing, is just wrong and also naive.

      I assume you didn’t mean it that way, but that’s how someone (especially someone new to the field) might interpret your statement.

Viewing 8 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?