Best cert for vulnerability management/evaluation/related risk assessment ?


I would like to know if some of you have any experience in vulnerability assessment/mngt/eval/risk, etc. and if there is a training or a cert that really make sense to go through with that direction ?

Not looking for deep pentest skills, but a specific training for vulnerability assessment that would include all required skills.

Thank you


  • ottucsakottucsak Member Posts: 146 ■■■■□□□□□□
    Qualys has free trainings/certs for their vulnerability related stuff. That won't teach you the basics, but hey, it's free.
  • SeabSeab Member Posts: 127
    Thanks for the reply ottucsak.

    I've been through that training. Pretty interresting for free stuff especially if you are managing Qualys. But it is a tool oriented training....

    At the moment I am looking at CEH. It is not really what I am looking for, but would answer to 50% of my needs probably. :)
  • scadascada Member Posts: 49 ■■■□□□□□□□
    the New CEH might be ok. I have v9 and I wasn't to impressed with it.
  • yoba222yoba222 Member Posts: 1,237 ■■■■■■■■□□
    I don't think such a thing exists. If it did, I'd be interested, particularly in example best practices of how to run a vuln management program properly. The CySA+ might be useful to you. I doubt the CEH v10 or whatever is any good. If the curriculum is still kind of a mess after 9 versions, well . . . you can't get fooled again. . . :)
    A+, Network+, CCNA, LFCS,
    Security+, eJPT, CySA+, PenTest+,
    Cisco CyberOps, GCIH, VHL,
    In progress: OSCP
  • cshkurucshkuru Member Posts: 246 ■■■■□□□□□□
    SANS puts out a NICE framework to GIAC mapping - Vulnerability Assessment is listed in the PR category (PR-VAM-001) and the map GPEN, GXPEN and GWAPT to the position. The Navy also does some mappings and EC Council recommends ECSA/LPT

    TL/DR: There isn't a single recommendation and everyone recommends their own solution.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    SANS has a new class that might fit the bill. It's not remotely cheap, and doesn't have a cert exam yet, but here is the info.
Sign In or Register to comment.