OSCP after CISSP ??

M22M22 Member Posts: 11 ■□□□□□□□□□
I passed the CISSP exam last year and received the CISSP-status from ISC2-endorsement. It took me a full week to list my 5 years experience on 2 or more of the 8th domains. THere was no CISSP around who could endorse me.

In 2010 and 2011 i did CEH v6 and ESCA both from EC-Counsil. Great courses but 5 days is just to short to get real pentesting experience. I do realise that CISSP is for management and CEH, ESCA ect is more "operational".

I used to work as a teamleader for 7 years and currently work as a project manager and advisor for a small local government but will not make CISO because i am not a YES-man. I do need my 40 CPE this year and I am also thinking of starting to work as a freelancer next to my current job, one day a week.

My plan is to start with vulnerability-assements, improvement-plan, policy-review and policy-improvement and implementions of controlls etc.

I think that OSCP will give me extra skills to deepdive into vulnerabilities (more than CEH and ESCA) and will get me the extra skills to get me the proper assignments after doing a proper vulnerablity-assesments.

What do you think ??? is OCSP after CISSP a good choice ???

Comments

  • chrisonechrisone Senior Member Member Posts: 2,101 ■■■■■■■■■□
    I would say YES since you have both CEH and CISSP now. I am going for the CISSP right now but I DON'T plan on taking OSCP after it. I plan on taking the CEH and then going for the OSCP. CEH to OSCP flows much better.

    Aside from this, from what I hear the course material does a good job teaching you what is needed for the exam anyways. So technically you should get enough examples, theory, explanations, and labs before you attempt the exam.

    I see no reason why you shouldn't take the OSCP.

    Good luck and keep us informed on your progress! Yes this is me making the decision for you already LOL!
    Certs: CISSP, OSCP, CRTP, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), BlackHills InfoSec: Breaching the Cloud (completed), eLearnSecurity: WAPTv3 (completed), IHRP (completed), THPv2 (completed), PTXv2 (Oct-Dec)
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (failed 1st attempt), eLearnSecurity: eWPT (failed 2x, no further attempts), eLearnSecurity: eCIR (complete), eLearnSecurity: eCTHPv2 (Mid-Sept), eLearnSecurity: eCPTXv2 (Dec)
  • TK1799_stTK1799_st Member Posts: 111
    I'm finding that the Mile2 curriculum is straight forward - easy to learn through the virtual labs - and is less expensive and much easier to work with than my recent experience dealing with EC Council and the un-announced update to CEHv8 to v9. Take a look at CompTIA's Roadmap and decide for yourself. Jut because the marketing is not a total exposure, CPTE is highly thought of internationally, especially military/govt types. The courseware and labs are step-by-step. The exams are set up like the ones with SANS/GIAC and you learn the same skill sets. It's like SANS and OSCP, but allows more time to learn and experiment with labs, tools, online environments for pen testing. I'm almost done with CPEH and moving directly into CPTE. Mile2 is spot on with customer service and is US based.

    just another option out there....after taking CEHv8 official courseware/videos - and going through labs and the most popular tools - I would have done just fine on the v8 exam--- but was ambushed by the "nite before update" and got slammed. Mile2 was the training company that stood up the CEH training platform back in the mid-2000's and decided to break off....which, for me, I'm glad they did.

    CompTIA Roadmap (PDF)
    https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf?sfvrsn=2

    Mile2 Certification Path
    Mile2® - Cyber Security Certifications - Penetration Testing, Digital Forensics - Certifications

    ....hope this helps....have a good one.....
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    Definitely OSCP. You also get CEUs towards your CISSP.
    I am a Jack of all trades, Master of None
  • M22M22 Member Posts: 11 ■□□□□□□□□□
    Great info ! Many thanks. I will start with OSCP asap, i will probably sign up next week. I will keep you posted on my experiences with the course.
  • M22M22 Member Posts: 11 ■□□□□□□□□□
    Signed for OSCP today, waiting for the info now and the invoice. I went threw a lot of OSCP-topics yesterday, good stuff to read ! I will keep you informed !
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    M22, the exam is $800 correct?
    I am a Jack of all trades, Master of None
  • DollarhydeDollarhyde Member Posts: 111
    It depends on your lab time you want to buy, $800 for 1 month of lab and an exam, $1000 for 2 months lab and exam, $1150 for 3 months lab and exam.
    ___________________________________________________________________________________________________________
  • M22M22 Member Posts: 11 ■□□□□□□□□□
    I thought it was 1150 for 90 days lab-access + the exam.
  • DollarhydeDollarhyde Member Posts: 111
    That is true
    ___________________________________________________________________________________________________________
  • M22M22 Member Posts: 11 ■□□□□□□□□□
    My OSCP-adventure will start at the 20th of march with 90 days labtime, just payed the invoice !
Sign In or Register to comment.