CEH vs CPTS

which of the two is better? do they compliment each other? it seems the CPTS is a competitor for the CEH, the Mile2 people always try to push this as a better cert than the CEH.

anyone have both, should I do both, or pick one, I guess more certs doesn't hurt, which would you pursue first?

Find more posts tagged with

Comments

Claud Murdock

CPTS is more detailed in the training, and covers MUCH more in general. The only thing that the CEH has a one up over mile2 is the neat name of it, and the way the certificate looks. I actually advise not to take the CEH in some circumstances, or not put it on your resume, because when I put that I had my version 3 of the test on an interview, the employer turned me down for the job, due to the "suggestive nature" of that cert. It's all up to you though. Good luck to you either way you go!

JDMurray

Although I really enjoy the topics covered by the CEH, the word "Hacker" in the name has certainly put me off acquiring the cert for concern over how it would be regarded by people reading my resume. The title "Certified Pen Testing Specialist" certainly is more appealing to me because it is more descriptive of what the cert actually covers.

Philippatos

Claud Murdock wrote:

I actually advise not to take the CEH in some circumstances, or not put it on your resume, because when I put that I had my version 3 of the test on an interview, the employer turned me down for the job, due to the "suggestive nature" of that cert. It's all up to you though. Good luck to you either way you go!

Actually, that's exactly why I was thinking of putting it on my resume: to weed out employers who don't know what the word means. Those are the one who run around like chickens with their heads cut off screaming "I've been hacked" when a hard drive crashes or a PSU fan fails.
http://en.wikipedia.org/wiki/Hacker
http://en.wikipedia.org/wiki/Hacker_ethic

FWIW though, CEH had very little on the hardware side of things. A l33t h@x0r should know how to construct simple hardware devices like, say, a passive ethernet tap, IMHO.

http://www.sun.com/bigadmin/content/submitted/passive_ethernet_tap.html

jkstech

thanks for the information, I do understand the reservations about the name, but i'm assuming that someone hiring for a security position would not have an issue with it, if they are up to date with the current trends in info sec, wherein a lot of emphasis is being put on understanding the details of how attacks are carried out to be able protect the infrastructure against them

it's mostly a judgment call depending on your environment or the position you are applying for.

the general info I get is that the mile 2 course is updated more frequently and goes beyond just teaching you how hackers work but also the business side of penetration testing so that you know how to present it to the management/execs

sprkymrk

Philippatos wrote:

FWIW though, CEH had very little on the hardware side of things. A l33t h@x0r should know how to construct simple hardware devices like, say, a passive ethernet tap, IMHO. http://www.sun.com/bigadmin/content/submitted/passive_ethernet_tap.html

That's an interesting point.

However, since the C|EH is supposed to be for PenT's, they will usually come in with the tools they need already. Otherwise wouldn't the C|EH also have to teach you how to dumpster dive and pick locks, rather than just teach you to be aware it can be done and how to counter it?

Does the CPTS teach hardware stuff such as that?

Philippatos

I considered the Mile2 course before signing up for CEH. Thing that turned me off is they spent a great deal of time and effort bashing EC-Council. To the point of even taking personal shots at EC-Council members. Don't get me wrong, I've bashed EC-Council some myself, but I'm not competing with them either.

Mile2 would have done better emphasizing the strengths of their program rather than emphasizing the flaws in CEH. Reminded me of some guys I've worked with who spent all their time cutting down other people's work rather than improving their own.

Unfortunately, when it comes to politics, mud slinging like that usually works. You don't have to convince the public you're good if you can convince the public your competitors are all bad.

JDMurray

This reminds me of this thread where I was trying to get the dirt on the friction between Mile2 and EC-Council:http://www.techexams.net/forums/viewtopic.php?p=57400&postdays=0&postorder=asc&start=75#57400

jkstech

yeah, I remember that thread