Home
Certification Preparation
Other Security Certifications
Best cert for vulnerability management/evaluation/related risk assessment ?
Seab
Hi!
I would like to know if some of you have any experience in vulnerability assessment/mngt/eval/risk, etc. and if there is a training or a cert that really make sense to go through with that direction ?
Not looking for deep pentest skills, but a specific training for vulnerability assessment that would include all required skills.
Thank you
Find more posts tagged with
Comments
ottucsak
Qualys has free trainings/certs for their vulnerability related stuff. That won't teach you the basics, but hey, it's free.
Seab
Thanks for the reply
ottucsak.
I've been through that training. Pretty interresting for free stuff especially if you are managing Qualys. But it is a tool oriented training....
At the moment I am looking at CEH. It is not really what I am looking for, but would answer to 50% of my needs probably.
scada
the New CEH might be ok. I have v9 and I wasn't to impressed with it.
yoba222
I don't think such a thing exists. If it did, I'd be interested, particularly in example best practices of how to run a vuln management program properly. The CySA+ might be useful to you. I doubt the CEH v10 or whatever is any good. If the curriculum is still kind of a mess after 9 versions, well . . . you can't get fooled again. . .
cshkuru
SANS puts out a NICE framework to GIAC mapping
https://www.sans.org/courses/niceframework/
- Vulnerability Assessment is listed in the PR category (PR-VAM-001) and the map GPEN, GXPEN and GWAPT to the position. The Navy also does some mappings
https://www.cool.navy.mil/usn/cswf/index.htm
and EC Council recommends ECSA/LPT
https://ciso.eccouncil.org/wp-content/uploads/2013/09/NICE-IA-Framework-and-EC-Council-Certs-Ecosystem-Mapping-CCISO.pdf
TL/DR: There isn't a single recommendation and everyone recommends their own solution.
Danielm7
SANS has a new class that might fit the bill. It's not remotely cheap, and doesn't have a cert exam yet, but here is the info.
https://www.sans.org/course/enterprise-threat-vulnerability-assessment
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
