November 14, 2013 at 9:22 pm #8613
Okay. I’m struggling to decide whether to take the eCPPT course or GPEN after finishing up with GCIH. I know I’m not ready for the OSCP, so I’m not even considering that. 😛 I know that eCPPT is more hands on, but not as well recognized. Or am I wrong about that?
Any thoughts or advice is greatly appreciated.
November 15, 2013 at 9:31 am #53635UKSecurityGuyParticipant
I can’t speak for the eCPPT, but I have taken the GPEN and from the eCPPT trial module I’ve looked at, and the course materials, I’d go with your assessment, eCPPT appears more ‘full pen test’, but GPEN appears more professionally laid out.
Are you doing this to get another job or for your own interest? If it’s for a job I’d recommend the GPEN – the SANS courses are well known by management and engineers alike, so you’re more likely to get a job with that qualification.
If it’s for your own interest, I’d struggle to recommend the GPEN because it’s not very ‘hands on’ at all. I went through the entire SANS SEC560 without doing a single hands-on exercise and still passed the GPEN with 95% just by answering the most logical questions and remembering some command-line arguments.
November 15, 2013 at 12:34 pm #53636
That is what I thought.
My company will be paying and it’s as much for my job as it is a professional interest.
November 17, 2013 at 11:06 pm #53637KrisTeasonParticipant
The GPEN has more recognition over eLearnSecurity’s Certifications. Offensive Security’s courses are great and people have respect for OSCPs and OSCEs.
Having recently taken the eCPPT Gold Examination, eLS has really stepped up their Examination Challenge from their Silver Exam. Not only have they made it more hands-on, but they test you on more than basic web app pentesting knowledge. These guys should get a little bit more recognition with their new challenges. You walk out of the exam tested on topics the OSCP covers.
If you want more hands-on, I agree with UKSecurityGuy. Go with eCPPT or if your up to the challenge the OSCP. It’s kind of hard to balance PWB after a long day of work and if your not feeling up to the challenge. The GPEN is great because the industry loves GIAC Certs. If you weren’t just looking for another GIAC Cert but a hands-on approach, you’d enjoy the eCPPT.
November 29, 2013 at 5:26 am #53638Dark_KnightParticipant
The GPEN really isn’t all that bad. In fact it’s a great compliment to the OSCP as in addition to the technical stuff it also covers some of the business aspects of a pentest.
The material itself is good. What will make the difference is the labs. The OSCP lab environment is second to none. However, if you do a comparison of the material you will see they are pretty similar. In fact there some sections that are better covered in the GPEN….but the labs are what will get yah..
I have not done the eCPPT, but if your company is paying for the GPEN then go for it. If it’s out of pocket that’s a different ballgame.
November 30, 2014 at 9:51 pm #53639
I ended up taking the SEC560 course. Good stuff. Now I just need to get the certification done with. I have to say that I learned a lot, and the SEC504 class that I took last year really compliments it well.
December 14, 2014 at 7:10 pm #53640UKSecurityGuyParticipant
Interesting – I’m about to take the eCPPT in the new year – so I’ll be able to directly compare them.
March 1, 2016 at 7:16 pm #53641
Just passed the eCPPT. Great course. Next up is the OSCP. Not sure I will get to it this year though.
May 21, 2016 at 12:44 pm #53642MareenKingParticipant
GPEN is better, definitely.
You must be logged in to reply to this topic.