Why is CEH more expensive than CISSP?

ErtazErtaz Member Posts: 934 ■■■■■□□□□□
I guess my initial impression of this cert is that it was mid-level. I'm shopping around looking to spend my effort wisely. For those of you who paid for your own, was CEH worth it to you?

Comments

  • cyberguyprcyberguypr Senior Member Mod Posts: 6,917 Mod
    The first question to ask is "what is your goal"? What are you trying to achieve? Gain new knowledge, market yourself, etc? And to answer your title question, the response is "because they can".
  • ErtazErtaz Member Posts: 934 ■■■■■□□□□□
    cyberguypr wrote: »
    The first question to ask is "what is your goal"? What are you trying to achieve? Gain new knowledge, market yourself, etc? And to answer your title question, the response is "because they can".
    Truth is, I'm stuck where I'm at.(Grateful for the opportunity, btw.) My goal is to pad the résumé enough that if something unforeseen were to happen, I'd be ready. I should be allotted 1 SANS training per year, plus whatever I do on my own. The consensus that I've read after posting this is that OSCP is the best place to put your time and $ for a pentest cert. If CEH were only moderately expensive, then I could see picking up a book and taking the test after a month. But $700 is a lot of scratch to invest in a cert that's not that highly regarded.
  • gespensterngespenstern Member Posts: 1,243 ■■■■■■■□□□
    I've grown to become shy enough to put this nearly fraudulent cert under my name here on techexams. However, having it gives me enough moral ground to bash it on spot.

    Like this: CEH is a nearly fraudulent cert and EC-Council is an irresponsible bunch of money-makers who don't care about security and profession, their process is extremely sloppy, materials are awful and the exam itself is full of stupid questions written in poor English. Do I need to mention that they were hacked a couple of times, leaked their customers' PII and infected their computers with Angler EK exploiting not up-to-date IE, silverlight and Adobe Flash.

    I hope that DoD will finally drop them out of their 8570 and 8140, I believe DoD endorsement is the only thing that keeps EC-Council afloat.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Ertaz wrote: »
    I guess my initial impression of this cert is that it was mid-level. I'm shopping around looking to spend my effort wisely. For those of you who paid for your own, was CEH worth it to you?
    What is your experience level and goal? If nothing more, it makes my resume look better to HR and shows conceptually I am aware of pen testing.
    Ertaz wrote:
    The consensus that I've read after posting this is that OSCP is the best place to put your time and $ for a pentest cert. If CEH were only moderately expensive, then I could see picking up a book and taking the test after a month. But $700 is a lot of scratch to invest in a cert that's not that highly regarded.
    Entry level pen testing is VERY different than a normal entry level certification. There is a lot of implied knowledge for OSCP...quite frankly a lot of it is covered in CEH. Information about various nmap switches, applicable legal knowledge (a must for a pen tester to know), and many other topics. Think of it as Security+ (CEH) to the CISSP (OSCP). Also...learning style comes into play for OSCP. The videos and material are helpful to a certain point but it will not feel like a traditional course and leaves a lot to be desired/researched on your own. Are you in the US? A lot of companies recognize the CEH in job postings...OSCP is advertised as a real pentester certification but you aren't going to find it listed in many job postings. Remember playing the HR game is part of the battle in getting a job.

    If you are serious about becoming a pen tester...I would do CEH > GPEN > OSCP. That would give you a lot of credibility as far as certifications and set you up nicely for increasing difficulty...especially since you can take one SANS training per year. At minimum do GPEN > OSCP...probably around 2-3 months per, and then at some point either before or after, work on refining scripting skills and exploit development skills.
  • wayne_wonderwayne_wonder Member Posts: 215 ■■■□□□□□□□
    The CEH is bashed in the USA a lot it seems it's not that bad in the UK from what I can see it's requested a lot on job openings alongside the CISSP of course. In the Uk the big Pen Testing Cert is Crest which is cheaper than the CEH strangely

    Seeing as you get a SANS course i'd just read the CEH stuff and do the GPEN
  • IronmanXIronmanX Member Posts: 323 ■■■□□□□□□□
    Ertaz wrote: »

    They are about the same $599 (CISSP) $600 (CEH).
    The price of CEH recently went up $100. When I took the exam a year ago it was $500.

    CISSP costs $85 a year
    CEH costs nothing a year for me until 2019. (I think if you do the exam now you have to start paying in 2017). There is also something like every 3 years you get a free exam voucher to make the annual fees not seem like a total rip off.

    EC Council has started doing live online examinations which i think are suppose to be cheaper then the Vue in person examinations.
  • wayne_wonderwayne_wonder Member Posts: 215 ■■■□□□□□□□
    Isn't the CEH cheaper if you do it remotely from home?>
  • 636-555-3226636-555-3226 Member Posts: 976 ■■■■■□□□□□
    CEH will look good for HR and hiring managers who don't know much about InfoSec. Those who know (admittedly a minority) won't value CEH much.

    CISSP will look good for HR and hiring managers. It isn't an amazing you're the greatest person in InfoSec cert, but I find it has more value than the CEH and comes from a more legitimate company than EC-Council.

    If you want to get into hacking via certs, learn Linux then take a deep breath and go for the OSCP. OSCP isn't nearly as widely known or recognized as CEH, but you'll get substantially better value out of it.
  • NOC-NinjaNOC-Ninja Member Posts: 1,403
    weird. it seems that cissp is more in demand.
  • ErtazErtaz Member Posts: 934 ■■■■■□□□□□
    IronmanX wrote: »
    They are about the same $599 (CISSP) $600 (CEH).
    The price of CEH recently went up $100. When I took the exam a year ago it was $500.

    CISSP costs $85 a year
    CEH costs nothing a year for me until 2019. (I think if you do the exam now you have to start paying in 2017). There is also something like every 3 years you get a free exam voucher to make the annual fees not seem like a total rip off.

    EC Council has started doing live online examinations which i think are suppose to be cheaper then the Vue in person examinations.

    There is also a $100 fee to take the test without having an approved CEH training course.
Sign In or Register to comment.