Thoughts on ECSA before taking on the OSCP?

Elegyx

Just finished up my CEH a few weeks ago but I feel like I need a more advanced cert before I tackle the OSCP. What do you guys think about the ECSA? I'm reading on EC-Council's site that it's a more advanced CEH, needing to submit a pen test report, etc. Employer is paying for most of the training as well.

Danielm7

So the Certified Ethical Hacker cert wasn't the one to teach actual hacking, but the Certified Security Analyst actually teaches hacking? That makes no sense at all.

If they'll pay EC-Council training prices, will they pay for SANS? If not, how about elearnsecrurity.com? I'm told the PTP course is a great primer before the OSCP.

SteveLavoie

From what my research has returned, EC-Counsil training are expensive relatively to the cert.. ask for a SANS training. It is much more respected than CEH or other cert.

bigdogz

The ECSA does not have a decent ROI. The OSCP or the SANS certifications would be your best bet.

Regards

[Deleted User]

I think it could be useful to do ECSA before OSCP. I'm doing the ECSA now and i'm having fun with it ( I did complete the PWK course though just have to wait to take my exam). That said though, to avoid forking over 6k to SANS for the GPEN, pick up some well known books on penetration testing and give those a read over. A simple Amazon search for pen testing you will find almost every book people will recommend here on the forum. If you want a cert route, ECSA can be useful. If you want overall pen testing knowledge, get other books. Or do both if you have the $$$

Elegyx

kMastaFlash wrote: »

I think it could be useful to do ECSA before OSCP. I'm doing the ECSA now and i'm having fun with it ( I did complete the PWK course though just have to wait to take my exam). That said though, to avoid forking over 6k to SANS for the GPEN, pick up some well known books on penetration testing and give those a read over. A simple Amazon search for pen testing you will find almost every book people will recommend here on the forum. If you want a cert route, ECSA can be useful. If you want overall pen testing knowledge, get other books. Or do both if you have the $$$

Thanks for the reply. Unfortunately my employer won't pay for the SANS training (very expensive) so the ECSA would be the next best option in terms of paid training.

Elegyx

Danielm7 wrote: »

So the Certified Ethical Hacker cert wasn't the one to teach actual hacking, but the Certified Security Analyst actually teaches hacking? That makes no sense at all.

If they'll pay EC-Council training prices, will they pay for SANS? If not, how about elearnsecrurity.com? I'm told the PTP course is a great primer before the OSCP.

Are you referring to the ECPPT Cert from eLearn?

p@r0tuXus

Elegyx wrote: »

Are you referring to the ECPPT Cert from eLearn?

That's correct. PTP (Penetration Tester Professional) v4. AKA the ECPPT.
There's also the Work Study program for SANS, you'd likely save thousands of dollars, get good experience, network with people. Might give it a go. Only downside that I've observed from threads on this site is that they might not give you much notice if you're selected.