Best technical security certs

I was reading through the "GSEC Wasted Effort" thread, and saw a comment in there that got me thinking... What are the best technical security certs? We're all familiar with the management certs (CISSP, CISM, etc...) - but what if someone were looking to get a cert demonstrating their knowledge of security from a technical aspect?

The Cisco CCN*-Security certs seem like they'd be a pretty good representation. And I really liked the Microsoft MCSE-Security cert from a few years back, but they've apparently killed their interest in the security cert realm. The OSCP also sounds awesome, and is probably going to be the next cert I go after (after CCNA)...

So - thoughts?
Graduated Carnegie Mellon University MSIT: Information Security & Assurance Currently Reading Books on TensorFlow

Comments

  • f0rgiv3n Member Posts: 598
    I'm just cracking the surface (so take my input like a grain of salt) on the infosec certs and my initial view is that it is completely dependent on what you want to do within the security field. I feel that the CISSP, CISA & CISM are great generic infosec certs to be able to show an overall knowledge and experience in infosec. You get into OSCP type stuff you're going to be on the deep technical side of pentesting.

    The CCNA Security, CCNP Security are network security certifications (obviously, since it's a Cisco cert). These types of certifications are more for firewall management: things like RADIUS and TACACS+ for AAA, ACLs, VPNs, etc...

    And then you have the forensics certifications, of which JDMurray has made a really great review of all of them on this site. (Computer Forensics Certifications - TechExams.net IT Certification Blogs) These are obviously for those who have to deal with computer forensics in their day-jobs.

    So I guess it comes down to what you truly want to be doing: Do you want to be an infosec manager (CISM, CISSP, CISA)? pentester (C|EH, OSCP)? forensics (CHFI, EnCE)?

    Hopefully someone with more experience in the field can pipe up but this is what I've gathered over time. One last thing, SANS has their whole set of certs for each of those specialties as well :) . I'm not saying one must pick and choose a specialty, I'm just saying that your certification portfolio will probably reflect what you want to do.
  • YFZblu Member Posts: 1,462
    It totally depends on what you want to do in infosec - Getting administration certs could pigeon-hole you into being just that...an administrator. There are many different facets of Information Security and I would recommend looking at all of them.
  • Master Of Puppets Member Posts: 1,210
    For very technical certs, I think the OSCP is the clear winner. Unfortunately, I haven't had the pleasure to start working on it (which will happen for sure) but I think in that case it should be put in front of the others because it requires technical knowledge of not only one aspect of security - you need to be familiar with networks, programming, operating systems etc. Want to go even more hardcore? There's the OSCE :D
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • bobloblaw Member Posts: 228
    All depends on ultimately what you want to do. That said, the most hits I see for straight tech that have great reps for their certs are Cisco and Red Hat. Hard to go wrong with either depending on what you do in InfoSec in my opinion.

    Now the stuff that actually interests me is specialized. OSCP, Wireshark, Nessus, Snort, Encase, and many other specialty certs that I think would be interesting to learn just don't get that much love on job sites.
  • Jinverar Member Posts: 95
    In my opinion Technical Security is a different concept of Infosec. Technical Security Specialists must be way more technical than just OSCP and IT related certs. Technical Security Specialist is defensive in nature, not offensive, but requires knowing offensive skills. The police Technical Security Specialist will use technical security in an offensive technique, planting wiretaps and GPS trackers. For a TSS designation add in EMSEC and wiretap detection abilities. Add in basic and advanced electrical courses from a local college. Math is also good. Need a course in telephones, cell phones, understand demarcations, covert camera installations, SIGINT, cyber, digital forensics, malware analysis. Here is a link: Professional Development TSCM Group - Home Page and Home - National Technical Investigators' Association. TSS designation will need some technical private investigations such as GCIH. Military time is almost a pre-req. No one cert can get you to a Technical Security Specialist designation. Multiple certs and courses combined. TSCM Technical Security Specialist (TSS) - Designate Certification Training - Education - Career and REI Technical Training Center

    In terms of price it's triple what SANS offers. Look at the qualifications of Mr Atkinson. Biography and Qualifications - Atkinson

    This one is almost based purely on life experience vice certifications. All your jobs together may make you a TSS when you come of age, like 30+ ish, give or take. Think more like 40+ unless you are top of your field. Potentially you could be a TSS in a specific field.

    Hope it helps. I'm sure this post will come back to haunt me somehow. Having re-read the forum post I may have gone off the wrong track on this one. This will be the last edit... not sure if my response should be deleted as I may have confused the question with too many details. Anyway those links in this post are great courses for technical security. lol. Have a great day!
    Jinverar, TSS
  • dmoore44 Member Posts: 646
    Having worked at a Federal LEO before as a Telecomm Specialist, I can tell you that wiretaps don't require any degree of technical sophistication from the standpoint of a law enforcement officer or tech specialist - it's all done by the telco in compliance with CALEA. Also, they weren't terribly difficult back in the POTS days either. Nothing more than a set of alligator clips were needed. Wireless presents a unique challenge, but again, it's mostly handled by the telcos. VoIP is a whole different challenge, especially when you start throwing encrypted traffic in to the mix, but if you understand how phone calls are made then intercepting un-encrypted VoIP traffic is still a pretty trivial task.

    I guess the root of my question is that there are a whole bunch of so-called management certs (i.e. the intersection of management skills and Infosec) that are available, and it seems like those are highly sought after. So, which certs provide the intersection of Infosec related knowledge and technical skill/ability?
  • Jinverar Member Posts: 95
    It takes technical sophistication to detect a rogue access point, cellphone, wiretap, telephone, POTS, VoIP, body-worn transmitter or any other million device in the field... If you don't want your wiretap detected then yes it gets highly technical for an installation. Again, covert cameras or GPS transmitters are also technical to install or detect. A set of alligator clips with a beige box is the most novice / noob type. The telcos sound like they handle your technical security. Wireless security can get very very technical looking through the RF spectrum from 1 kHz - 60 GHz or higher. Looking for ones and zeros is just as important as checking airwaves, telephone line voltage or physically and technically inspecting wires. The technical guys with the boots on the ground get life experience volunteering for jobs that management can't do because they missed the experience. Technical certs are normally called "technical" or have a warning or pre-requisite of being technical. I am trying to help the group listing a few above. I'm not trying to belittle anyone. I like your post dmoore44. I think we are getting close to your answer. Let me know if I can help more.
    Jinverar, TSS
  • Jinverar Member Posts: 95
    Correction... sometimes management does have the life experience. I'm not saying never. The good ones do. The bad ones freak out.

    Sometimes another way to think about it is, management has a degree and technicians have certifications. We are chatting about any number of education plans that could happen to someone.

    Degrees can also be technical.

    Sometimes people have both, but just in my experience they usually end up in a management role doing technical things when the technical guy is away.
    Jinverar, TSS
  • wintermute000 Banned Posts: 172
    Does OSCP require programming expertise beyond basic bash/perl scripting level? It sure looks fascinating but as an infra guy with no formal programming training I would think I'd struggle with that side of it (writing/porting exploits).
  • Master Of Puppets Member Posts: 1,210
    wintermute000 wrote: »
    Does OSCP require programming expertise beyond basic bash/perl scripting level? It sure looks fascinating but as an infra guy with no formal programming training I would think I'd struggle with that side of it (writing/porting exploits).

    It's really not that big of a deal. They are basic stuff and it won't be much of a problem to learn them. Plus, as far as I know, they do a good job at explaining them. One of my friends who is a network admin had never seen code before and it took me a couple of days to teach him basic scripting.
  • wintermute000 Banned Posts: 172
    I'm not worried about basic scripting, I'm talking about what the specific requirements are in OSCP.
  • YuckTheFankees Member Posts: 1,281
    @wintermute000,

    I do not understand your response; Master Of Puppets' answer was dead on. You do not need expertise in programming or scripting, plenty of people have gone into the course not knowing either. But if that's the case, expect to put some time in to learn the basics. And to be fair, people who do have programming knowledge also struggle with writing exploits.
  • wes allen Member Posts: 540
    Started looking at the Red Hat track and their top level security cert, RHCSS, looks pretty technical.
  • SephStorm Member Posts: 1,731
    wintermute000 wrote: »
    I'm not worried about basic scripting, I'm talking about what the specific requirements are in OSCP.

    I'm worried about basic scripting. The scripting I learned about before OSCP was completely different than the scripting used in the course.
  • Sounds Good Member Posts: 403
    So I guess it's been decided OSCP is THE cert to get for technical security. How much experience does one need in order to tackle this?
    On the plate: AWS Solutions Architect - Professional
    Scheduled for: Unscheduled
    Studying with: Linux Academy, aws docs
  • Master Of Puppets Member Posts: 1,210
    Personally, I think this cert is not for every Tom, Dick or Harry. It is very intense and although it starts from the ground up, in my view, it would be best to work in the field some time before going for it. I just don't see much of a point otherwise. It depends on your level but a year or two is not a lot of time to wait here. Some would even say this is way too short.
  • bobloblaw Member Posts: 228
    Sounds Good wrote: »
    So I guess it's been decided OSCP is THE cert to get for technical security. How much experience does one need in order to tackle this?

    Here's the syllabus:

    http://www.offensive-security.com/documentation/penetration-testing-with-backtrack.pdf

    From what I've been told by peers, basic knowledge of Linux and bash is good enough to get started.

    I wouldn't necessarily call it THE cert for technical security. It's a penetration testing certification. They're not teaching you how to audit security controls. They're teaching you to find and exploit vulnerabilities in systems (someone please correct me if I'm wrong).
  • the_hutch Banned Posts: 827
    Per Offensive Security's website, the only prerequisites for taking the OSCP course are a familiarity with Linux and TCP/IP. If you ask me... it's a course that anyone with a decent amount of security experience can tackle. The only real prerequisite in my opinion, is a high tolerance for frustration and a whole lot of free time (I think I've spent a few hundred hours on this course).
  • Killj0y Member Posts: 39
    the_hutch wrote: »
    The only real prerequisite in my opinion, is a high tolerance for frustration and a whole lot of free time

    +1. I would just give it a shot. If you are serious about offsec, you will put in the time. And remember to have fun with it.
    Certifications: GPEN, SMFE, CISSP, OSCE, OSCP, OSWP, Security+, CEHv6, MCSE+Sec:2003