Current most valuable certifications going into penetration testing in the US

laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
Hello I'm currently UK based but am likely to relocate to the US next year. I was wondering whether anyone had a view on what the most sought after penetration testing related certifications were currently?

From what I've seen OSCP and CEH seem to both get a lot of attention although they appear to be quite different in terms of practicality?
CCNA - expired
CISSP - live n' kickin'
My CISSP study apps
My CISSP study advice blog

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Talked to a manager of a pentesting company one time and he said the only he cares about is the OSCP. Zero interest in the others.
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    Thanks. I guess the other option is the SANS offerings.

    Oops - just realised I started this in the wrong section - mods please feel free to relocate!
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
  • shochanshochan Member Posts: 1,004 ■■■■■■■■□□
    CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    CSA definitely does not fall under "most sought after penetration testing related certifications". Heck, it's so new that it doesn't fall under mot sought for anything.
  • ITSpectreITSpectre Member Posts: 1,040 ■■■■□□□□□□
    Honestly I was going to do eJPT.... But based on the threads that I have seen... im going to use the eJPT study materials and YOLO the OSCP....
    In the darkest hour, there is always a way out - Eve ME3 :cool:
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
  • mattf73mattf73 Member Posts: 14 ■■■□□□□□□□
    Go for OSCP.
    I have CEH and it has very little practical value. It is probably handy for a risk manager or similar, who wants to have a high-level understanding of pen testing.

    Similar to what NetworkNewb said, if you can obtain OSCP without work experience you are looking good in the eyes of hiring managers - whether it gets you past HR / recruitment agents is another matter.
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    OSCP is best for real world skills. CEH is good for generic resume padding & for people who don't know much about infosec (like HR), but otherwise CEH is rubbish. GPEN is good if you're just learning the ropes but is hella expensive
  • ITSpectreITSpectre Member Posts: 1,040 ■■■■□□□□□□
    mattf73 wrote: »
    Go for OSCP.
    I have CEH and it has very little practical value. It is probably handy for a risk manager or similar, who wants to have a high-level understanding of pen testing.

    Similar to what NetworkNewb said, if you can obtain OSCP without work experience you are looking good in the eyes of hiring managers - whether it gets you past HR / recruitment agents is another matter.

    ^^^^THIS.....

    I thought about the eJPT.... BUT I enjoy a challenge. So I say im just going to go for the OSCP.... its harder, and I can go slow and learn the material.
    CEH is really a waste unless your trying to satisfy DoD requirements or to get your resume past HR filters
    In the darkest hour, there is always a way out - Eve ME3 :cool:
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    Thanks all - OSCP certainly seems a great hands-on option although looks pretty intense! I was wondering if there might be anything which would be a good stepping stone to use to build up to OSCP - any thoughts?
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
  • ITSpectreITSpectre Member Posts: 1,040 ■■■■□□□□□□
    laurieH wrote: »
    Thanks all - OSCP certainly seems a great hands-on option although looks pretty intense! I was wondering if there might be anything which would be a good stepping stone to use to build up to OSCP - any thoughts?

    the eJPT certification is a good stepping stone. the forums have a link for a free barebones eJPT course here:

    http://www.techexams.net/forums/security-certifications/128404-elearnsecurity-pts-v3-free-course-voucher.html

    That is the link for the free course. The link still works. That will give you a foundation to build on. also search the forum for OSCP and eJPT threads.... it really helped me out a lot. icon_cheers.gif
    In the darkest hour, there is always a way out - Eve ME3 :cool:
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    ITSpectre wrote: »
    the eJPT certification is a good stepping stone. the forums have a link for a free barebones eJPT course here:

    http://www.techexams.net/forums/security-certifications/128404-elearnsecurity-pts-v3-free-course-voucher.html

    That is the link for the free course. The link still works. That will give you a foundation to build on. also search the forum for OSCP and eJPT threads.... it really helped me out a lot. icon_cheers.gif

    Thanks will have a look!
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
  • Dr. FluxxDr. Fluxx Member Posts: 98 ■■□□□□□□□□
    Im working toward the OSCP, but i also heard that the eJPT is a really good stepping stone.
  • technogoattechnogoat Member Posts: 73 ■■□□□□□□□□
    Where can a fresh rookie start?

    I'm studying for my CCNA security but after that I'm wondering where to go.

    OSCP seems like the best practical cert and one very suited towards work


    can a rookie get into OSCP or should I slow down and get something below that?

    any advice?
Sign In or Register to comment.