Thoughts please?

Hey guys/gals,

I've been debating which direction to go from here. I've almost completed my BS IT:SEC from WGU. There are two different paths that interest me greatly. Pentesting and Malware Analysis. I like offensive security and research(also fond of math). I was reading about the GREM certification and it looked awesome. I have some experience with c/c++ and java. Enough to know that I like coding as well.

I've also got to consider which of these will actually get me a well paying job (well paying meaning that I could support a family). The problem is that I really want to know both and both are full-time pursuits.

I was thinking of pursing these certs in the following order

1. CEH
2. OSCP
3. GREM (I'd intermix this when I need a break from the others)

I'd just hang onto my Network Analyst job until I obtained the OSCP before applying for anything else. With my background in networking, I'd think it would be easier for me to land a job in pentesting. Maybe I should go for pentesting first, then move into reverse engineering in the future. I don't think I really have the experience in programming to go directly to malware analysis.

I just want to get into the security field ASAP so that the security experience clock can start ticking.

Recap: CEH-> OSCP-> Pentesting-> GREM/Programming-> Malware Analyst

I think I'm missing some certs, there's just so many

Any thoughts?

Find more posts tagged with

Comments

xax

Hi.
From business viewpoint I think that CEH it's ok But I prefer eCPPT or eWAPT for the effective knowledge.
I'm doing eWAPT and in 2014 I'm going to do OSCP.

r0ckm4n

I agree with xax on preferring eCCPT or eWAPT over CEH. I am a pentester and I got more out of the OSCP than I did the CEH, although I never took the CEH exam. The eCCPT would prepare you for the OSCP. I am seeing a lot more jobs these days looking for people with the OSCP cert. One example is Fishnet Security. They have jobs that they want OSCP or OSCE certified people and the only jobs they have that they mention CEH cert, are SOC analysts or SIEM analysts. In other words the positions that call for a CEH cert is jobs that only a knowledge of hacking is needed and not the actual ethical hacking skills.

jvrlopez

I'd say skip CEH. Its very basic and only introduces you to ethical hacking (attacks, legalities, various tools). Nothing in the objectives or test would have you actually pen testing. Save the $500 and put it towards something else.

NovaHax

I agree with the general consensus here. You've already passed both Sec+ and CCNA-S...CEH isn't really going to expand your knowledge in security.

I know some here have recommended eLearn certs. Personally, I'd just recommend taking the plunge and going for OSCP. With your background and a little persistence, you'll get through.

Cold Titanium

"Personally, I'd just recommend taking the plunge and going for OSCP"

Really? I was under the impression that the OSCP is a real booger to pass. I've not had any precursor classes on pentesting. Just some basic stuff that I studied for myself. I read the first few chapters in books like the Metasploit pentesters guide and I've used Backtrack a little. I just haven't had time to dive in because of school studies.

Master Of Puppets

Going straight for OSCP may not be a bad idea. How comfortable are you with linux? The coding section will probably not be your problem, you also seem to have the networking part down. Downloading a few vulnerable VMs and building a lab to practice in will somewhat get you up to speed. You can also go through a book or two to get an introduction. A little Bash and Python here and there and it almost sounds too easy

However, chances are that no matter how you prepare, you will feel the pain. That's what makes it good.

Cold Titanium

"How comfortable are you with linux?"

I'm pretty comfortable with it. Slightly rusty, but I've done a lot in the past. Apache, bind, squid, bash scripts, basic linux functions etc...plus I've run a rocks cluster before.

Any books anyone might recommend for prepping for the OSCP? I haven't searched the forums for recommended material yet...

Thanks for all the input guys/gals!

NovaHax

Cold Titanium wrote: »

Really? I was under the impression that the OSCP is a real booger to pass. I've not had any precursor classes on pentesting.

It is indeed a real booger to pass. But only because of the persistence it takes to get through it. But that's going to be the case no matter how much prep you do for it. In the end, OSCP/PWB is an entry level course and will introduce you to everything you need to know (assuming you know TCP/IP fundamentals and have a basic comfortability with linux). You will want to smash your keyboard through the monitor on more than one occasion...but it will be a rewarding experience and you will learn more from it than most other cert programs out there.

NovaHax

Don't worry about books. Just download metasploitable and start looking up tutorials on google.

There are easily 100+ ways to break into that guy (between services and vulnerable web-apps). Try to get in a couple different ways and make sure you understand what you're doing and why. Then register and get ready to Try Harder

Cold Titanium

So I have to go through Pentesting With Backtrack before I can take the cert. It's pretty expensive for the training materials. How do you take the actual test?

EngRob

PWB will set you up for the OSCP cert. Their course comes with the PWB materials + lab time + certification test (OSCP).

Yes it's expensive.

NovaHax

I'd have to say I disagree. Compared to other certification and training programs in the industry...PWB/OSCP is extremely cheap. I paid $3500 for my CEH training program and nearly $5000 for my CISSP training program. Both of those were only a week long. In the end, OSCP was the cheapest, I got 3 months access to the labs...and it was the best value by far.

wes allen

Yep, OSCP is far and away one of the best values out there in infosec training. And while it is focused on offense, it teaches you how to actually use a whole lot of great tools that can be applied to other areas.

Cold Titanium

I guess I'm just too used to a $45 book and $250 tests

Boooy do I have the studying ahead of me. That's cool though, I'm excited to finally get started! Thanks for the info guys/gals! Just saved me a lot of time.

How much pre-study on Assembly should I do?

NovaHax

None. The only exploit development you will do is a basic stack overflow. You will need to know the function of the EIP (pointer) and the ESP register to build a stack overflow. But they will introduce you to these concepts in the course (if you aren't already familiar).