Current most valuable certifications going into penetration testing in the US
Hello I'm currently UK based but am likely to relocate to the US next year. I was wondering whether anyone had a view on what the most sought after penetration testing related certifications were currently?
From what I've seen OSCP and CEH seem to both get a lot of attention although they appear to be quite different in terms of practicality?
From what I've seen OSCP and CEH seem to both get a lot of attention although they appear to be quite different in terms of practicality?
Comments
-
NetworkNewb
Member Posts: 3,298 ■■■■■■■■■□
Talked to a manager of a pentesting company one time and he said the only he cares about is the OSCP. Zero interest in the others. -
laurieH
Member Posts: 109 ■■■□□□□□□□
Thanks. I guess the other option is the SANS offerings.
Oops - just realised I started this in the wrong section - mods please feel free to relocate! -
shochan
Member Posts: 1,014 ■■■■■■■■□□
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP -
cyberguypr
Mod Posts: 6,928 Mod
CSA definitely does not fall under "most sought after penetration testing related certifications". Heck, it's so new that it doesn't fall under mot sought for anything. -
ITSpectre
Member Posts: 1,040 ■■■■□□□□□□
Honestly I was going to do eJPT.... But based on the threads that I have seen... im going to use the eJPT study materials and YOLO the OSCP....In the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios -
mattf73
Member Posts: 14 ■■■□□□□□□□
Go for OSCP.
I have CEH and it has very little practical value. It is probably handy for a risk manager or similar, who wants to have a high-level understanding of pen testing.
Similar to what NetworkNewb said, if you can obtain OSCP without work experience you are looking good in the eyes of hiring managers - whether it gets you past HR / recruitment agents is another matter. -
636-555-3226
Member Posts: 975 ■■■■■□□□□□
OSCP is best for real world skills. CEH is good for generic resume padding & for people who don't know much about infosec (like HR), but otherwise CEH is rubbish. GPEN is good if you're just learning the ropes but is hella expensive -
ITSpectre
Member Posts: 1,040 ■■■■□□□□□□
Go for OSCP.
I have CEH and it has very little practical value. It is probably handy for a risk manager or similar, who wants to have a high-level understanding of pen testing.
Similar to what NetworkNewb said, if you can obtain OSCP without work experience you are looking good in the eyes of hiring managers - whether it gets you past HR / recruitment agents is another matter.
^^^^THIS.....
I thought about the eJPT.... BUT I enjoy a challenge. So I say im just going to go for the OSCP.... its harder, and I can go slow and learn the material.
CEH is really a waste unless your trying to satisfy DoD requirements or to get your resume past HR filtersIn the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios -
laurieH
Member Posts: 109 ■■■□□□□□□□
Thanks all - OSCP certainly seems a great hands-on option although looks pretty intense! I was wondering if there might be anything which would be a good stepping stone to use to build up to OSCP - any thoughts?
-
ITSpectre
Member Posts: 1,040 ■■■■□□□□□□
Thanks all - OSCP certainly seems a great hands-on option although looks pretty intense! I was wondering if there might be anything which would be a good stepping stone to use to build up to OSCP - any thoughts?
the eJPT certification is a good stepping stone. the forums have a link for a free barebones eJPT course here:
http://www.techexams.net/forums/security-certifications/128404-elearnsecurity-pts-v3-free-course-voucher.html
That is the link for the free course. The link still works. That will give you a foundation to build on. also search the forum for OSCP and eJPT threads.... it really helped me out a lot.
In the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios -
laurieH
Member Posts: 109 ■■■□□□□□□□
the eJPT certification is a good stepping stone. the forums have a link for a free barebones eJPT course here:
http://www.techexams.net/forums/security-certifications/128404-elearnsecurity-pts-v3-free-course-voucher.html
That is the link for the free course. The link still works. That will give you a foundation to build on. also search the forum for OSCP and eJPT threads.... it really helped me out a lot.
Thanks will have a look! -
Dr. Fluxx
Member Posts: 98 ■■□□□□□□□□
Im working toward the OSCP, but i also heard that the eJPT is a really good stepping stone.
-
technogoat
Member Posts: 73 ■■□□□□□□□□
Where can a fresh rookie start?
I'm studying for my CCNA security but after that I'm wondering where to go.
OSCP seems like the best practical cert and one very suited towards work
can a rookie get into OSCP or should I slow down and get something below that?
any advice?
