Best technical security certs

I was reading through the "GSEC Wasted Effort" thread, and saw a comment in there that got me thinking... What are the best technical security certs? We're all familiar with the management certs (CISSP, CISM, etc...) - but what if someone were looking to get a cert demonstrating their knowledge of security from a technical aspect?

The Cisco CCN*-Security certs seem like they'd be a pretty good representation. And I really liked the Microsoft MCSE-Security cert from a few years back, but they've apparently killed their interest in the security cert realm. The OSCP also sounds awesome, and is probably going to be the next cert I go after (after CCNA)...

So - thoughts?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

f0rgiv3n

I'm just cracking the surface (so take my input like a grain of salt) on the infosec certs and my initial view is that it is completely dependent on what you want to do within the security field. I feel that the CISSP, CISA & CISM are great generic infosec certs to be able to show an overall knowledge and experience in infosec. You get into OSCP type stuff you're going to be on the deep technical side of pentesting.

The CCNA Security, CCNP security are network security certifications (obviously, since it's a Cisco cert

). These types of certifications are more for firewall management: things like RADIUS and TACACS+ for AAA, ACLs, VPNs, etc...

And then you have the forensics certifications, of which JDMurray has made a really great review of all of them on this site. (Computer Forensics Certifications - TechExams.net IT Certification Blogs) These are obviously for those who have to deal with computer forensics in their day-jobs.

So I guess it comes down to what you truly want to be doing: Do you want to be an infosec manager(CISM,CISSP,CISA)? pentester(C|EH,OSCP)? forensics (CHFI, EnCE)?

Hopefully someone with more experience in the field can pipe up but this is what I've gathered over time. One last thing, SANS has their whole set of certs for each of those specialties as well

. I'm not saying one must pick and choose a specialty, I'm just saying that your certification portfolio will probably reflect what you want to do.

YFZblu

It totally depends on what you want to do in infosec - Getting administration certs could pigeon-hole you into being just that...an administrator. There are many different facets of Information Security and I would recommend looking at all of them.

Master Of Puppets

For very technical certs, I think the OSCP is the clear winner. Unfortunately, I haven't had the pleasure to start working on it(which will happen for sure) but I think in that case it should be put in front of the others because it requires technical knowledge of not only one aspect of security - you need to be familiar with networks, programming, operating systems etc. Want to go even more hardcore? There's the OSCE

bobloblaw

All depends on ultimately what you want to do. That said, the most hits I see for straight tech that have great reps for their certs are Cisco and Red Hat. Hard to go wrong with either depending on what you do in InfoSec in my opinion.

Now the stuff that actually interest me are specialized. OSCP, Wireshark, Nessus, Snort, Encase, and many other specialty certs that I think would be interesting to learn just don't get that much love on job sites.

Jinverar

In my opinion Technical Security is a different concept of Infosec. Technical Security Specialists must be way more Technical than just OSCP and IT related CERTS. Technical Security Specialist is defensive in nature, not offensive but requires to know offensive skills. The police Technical Security specialist will use technical security in an offensive technique planting wiretaps and GPS trackers. For a TSS designation add in EMSEC and wiretap detection abilitys. Add in a basic and advanced electrical courses from a local coledge. Math is also good. Need a course in Telephones, Cell phones, understand demarkations, covert cameras instalations, sigint, cyber, digital forensics, malware analysis, here is a link Professional Development TSCM Group - Home Page and Home - National Technical Investigators' Association TSS designation will need some technical private investigations such as GCIH. Military time is almost a pre-req. No one cert can get you to a Technical Security Specialist designation. Multiple certs and courses combined. TSCM Technical Security Specialist (TSS) - Designate Certification Training - Education - Career and REI Technical Training Center

In terms of price it's tripple what sans offers. Look at the qualifications of Mr Atkinson. Biography and Qualifications - Atkinson

This one is almost based purly on life experience vice certifications. all your jobs together may make you a TSS when you come age like 30+ ish. give or take. Think more like 40+ unless you are top of your field. Potentially you could be a TSS in a specific field.

Hope it helps. I'm sure this post will come back to haunt me somehow.

Having re-read the forum post I may have went off the wrong track on this one. This will be the last edit...not sure if my response should be deleted as I may have confused the question with to much details. Anyway those links in this post are great courses for technical security. lol. Have a great day!

dmoore44

Having worked at a Federal LEO before as a Telecomm Specialist, I can tell you that wiretaps don't require any degree of technical sophistication from the standpoint of a law enforcement officer or tech specialist - it's all done by the telco in compliance with CALEA. Also, they weren't terribly difficult back in the POTS days either. Nothing more than a set of alligator clips were needed. Wireless presents a unique challenge, but again, it's mostly handled by the telcos. VoIP is a whole different challenge, especially when you start throwing encrypted traffic in to the mix, but if you understand how phone calls are made then intercepting un-encrypted VoIP traffic is still a pretty trivial task.

I guess the root of my question is that there are a whole bunch of so-called management certs (i.e. the intersection of management skills and Infosec) that are available, and it seems like those are highly sought after. So, which certs provide the intersection of Infosec related knowledge and technical skill/ability.

Jinverar

It takes technical sophistication to detect a rouge access point, cellphone, wiretap, telephone, pots, voip, body warn transmitter or any other million device in the field.....If you don't want your wiretap detected then yes it gets highly technical for an installation. again covert cameras or gps transmitters are also technical to install or detect. A set of alligator clips with a beige box is the most novice / noobe type. The telcos sound like they handle your technical security. Wireless security can get very very technical looking through the RF specturm from 1khz - 60ghz or higher. Looking for ones and zeros is just as important as checking airwaves, telephone line voltage or physically and technically inspecting wires. The technical guys with the boots on the ground get life experience volunteering for jobs that management can't do because they missed the experience. Technical certs are normally called "technical" or have a warning or pre-requisite of being technical. I am trying to help the group listing a few above. I'm not trying to belittle anyone. I like your post dmoore44. I think we are getting close to your answer. let me know if I can help more.

Jinverar

Correction,,,sometimes management does have the life experience. I'm not saying never.

The good ones do. The bad ones freak out.

Sometimes another way to think about it is, management has a degree and technicians have certifications. We are chatting about any number of education plans that could happen to someone.

degrees can also be technical.

sometimes people have both but just in my experience they usually end up in a management role doing technical things when the technical guy is away.

wintermute000

Does OSCP require programming expertise beyond basic bash/perl scripting level? It sure looks fascinating but as an infra guy with no formal programming training I would think I'd struggle with that side of it (writing/porting exploits).

Master Of Puppets

wintermute000 wrote: »

Does OSCP require programming expertise beyond basic bash/perl scripting level? It sure looks fascinating but as an infra guy with no formal programming training I would think I'd struggle with that side of it (writing/porting exploits).

It's really not that big of a deal. They are basic stuff and it won't be much of a problem to learn them. Plus, as far as I know, they do a good job at explaining them. One of my friends who is a network admin had never seen code before and it took me a couple of days to teach him basic scripting.

wintermute000

I'm not worried about basic scripting, I'm talking about the specific requirements are in OSCP

YuckTheFankees

@wintermute000,

I do not understand your response, Master Of Puppets answer was dead on. You do not need expertise in programming or scripting, plenty of people have gone into the course not knowing either. But if that's the case, expect to put some time in to learn the basics. And to be fair, people who do have programming knowledge also struggle with writing exploits.

wes allen

Started looking at the Red Hat track and their top level security cert, RHCSS, looks pretty technical.

SephStorm

wintermute000 wrote: »

I'm not worried about basic scripting, I'm talking about the specific requirements are in OSCP

I'm worried about basic scriting, The scripting I learned about before OSCP was completely different than the scripting used in the course.

Sounds Good

So I guess it's been decided OSCP is THE cert to get for technical security. How much experience does one need in order to tackle this?

Master Of Puppets

Personally, I think this cert is not for every Tom, Dick or Harry. It is very intense and although it starts from the ground up, in my view, it would be best to work in the field some time before going for it. I just don't see much of a point otherwise. It depends on your level but a year or two is not a lot of time to wait here. Some would even say this is way too short.

bobloblaw

Sounds Good wrote: »

So I guess it's been decided OSCP is THE cert to get for technical security. How much experience does one need in order to tackle this?

Here's the syllabus:

http://www.offensive-security.com/documentation/penetration-testing-with-backtrack.pdf

From what I've been told by peers, basic knowledge of linux and bash is good enough to get started.

I wouldn't necessarily call it THE cert for technical security. It's a penetration testing certification. They're not teaching you how to audit security controls. They're teaching you to find and exploit vulnerabilities in systems (someone please correct me if I'm wrong).

the_hutch

Per Offensive Security's website, the only prerequisites for taking the OSCP course are a familiarity with Linux and TCP/IP. If you ask me...its a course that anyone with decent amout of security experience can tackle. The only real prerequisite in my opinion, is a high tolerance for frustration and a whole lot of free time (I think I've spent a few hundred hours on this course).

Killj0y

the_hutch wrote: »

The only real prerequisite in my opinion, is a high tolerance for frustration and a whole lot of free time

+1. I would just give it a shot. If you are serious about offsec, you will put in the time. And remember to have fun with it.