Ready to Start Your Career?
January 1, 2016
Is There A CEH Alternative Certification?
January 1, 2016
Is there a CEH alternative certification? I find a list but dated 2012: 1. CPTC – Certified Penetration Testing Consultant 2. CPTE – Certified Penetration Testing Engineer 3. CompTIA – Security+ 4. CSTA – Certified Security Testing Associate 5. GPEN – GIAC Certified Penetration Tester 6. OSCP – Offensive Security Certified Professional 7. CEH – Certified Ethical Hacker 8. ECSA – EC-Council Certified Security Analyst 9. CEPT – Certified Expert Penetration Tester https://www.concise-courses.com/security/certifications-list/ I don't know if this site is reliable. Check it out :) Sure there is if you feel ready then you can try OCSP, CREST CRT, Mile 2 CPEH look here: https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/ https://www.crest-approved.org/7safe-training/index.html http://mile2.com/penetration-testing-ethical-hacking/cpeh.html and tons of other certifications but if you get OSCP you can apply for CREST CRT which is OSCP equivalent in UK. Look here: http://www.crest-approved.org/professional-qualifications/oscp-and-crt-equivalency/index.html @t13ru - "Sure there is if you feel ready then you can try OCSP, CREST CRT, Mile 2 CPEH " Ready, how so? Please elaborate on this comment! I'm not new to security, just getting serious about it...Want to get some certs to increase my knowledge base and enhance my experience. I'll check out these links, thanks for sharing! Just go for "OSCP – Offensive Security Certified Professional". It's the best for recommendation in Infosec Firms around the world...! 812teck OSCP is very hard exam but recognized across the board, so by "feel ready" I meant if you are sure that you can for example get POC exploit and modify it so you can successfully attack exam machine after 13 hours without sleep and then write write comprehensive report about it. I am currently preparing myself to try OSCP, but trying to focus on exploit development or even modification seems extremely hard. If I am exhausted I am prone to mistakes which in OSCP case might mean difference between passing and failing the exam. So apart of technical skills it seems necessary to train focuss under stress and exhaustion. Or find the best energydrink combination... @t13ru & @mas091, thanks for this awesome feedback! I haven't worked on "get POC exploit and modify it", but I do understand the process. I troubleshoot simple to complex issues daily! I think the difference with addressing the OSCP is focusing on their requirements and understanding the process and tools necessary to pass a complex exam with time constraints. Troubleshooting is troubleshooting, but having the ability to master the skills and tools required to resolve the task at hand and maintain focus, now that's a different beast. I see much learning ahead! Thanks again for your time and feedback! Let's us know when you knock out the beast! In the US people tend to gravitate towards the OSCP, however in the UK there seems to be a lot more official lines of enquiry for ethical hacking. I joined the IISP the other week and there's stuff you can do that I had never heard of. All seems to be related to the content of the CEH of which I'm doing now. I do wish I had researched it more before paying for the CEH as most of it I can find on here and elsewhere. Sure the CEH goes into a bit more depth but v8 is showing it's age, with some of it's methods being a tad outdated. The CREST CPSA seems like a good starting point. A multiple choice exam and a practical element too. They just give you material to research and there's no courses. Always seek advice before jumping into a mode of training that could be a waste of time. @pstewart77, thanks for the info! Go to Mile2 - they are a US based company that works closely with the US government, as well as other military types worldwide. The CPTE – Certified Penetration Testing Engineer - was developed for the US Air Force and they were the ones that got EC Council up and running for the CEH back in 2005-2008, but broke off and accelerated the pen testing certification. It's better than CEH and they won't screw you over. EC Council is based out of Malaysia and care nothing for students that take their official courses. CPTE will teach you to ethically hack and then defend the network. They are used and recognized by the FBI (Tier I cert) and the NSA. It's a combination of SANS/GIAC + OSCP labs with reporting. The difference is the lower price compared to both of them and the time to complete the course. Self Study Kit is $500 + $150 1 week of labs + $400 Exam. Contact this guy: Bill Nelson Manager of Business Development Mile2 www.Mile2.com BillNelson@Mile2.com O: +813 920.6799 ext.26 F: +813.354.2367 He will get the ball rolling for you - so you can get into a hot and growing field! However, if you are just beginning and have no certifications - start with CompTIA A+ce and then Security+ as a foundation. Then move into CPEH or CPTE. Also - as always - there is a ton of free training here on Cybrary and the course videos are better than the official training videos compared to Secure Ninja or ECC puts out. Leo Dregier has a course on here for Ethical Hacking - and having been through ECC CEH official courseware - the Cybrary course is far superior!!! ....and FREE!!! Thanks for the info! I've now finished the CEH and to be honest, I wouldn't advise anyone to do it. Don't waste your time with it. I'm now having to wipe the slate clean and start over because after speaking to employers at a security event it was advised that I just forget certs and do practical work, and show your methods. It speaks far bigger volumes than any certs can. Certs only tell employers you have an understanding of a topic. You can learn so much more doing practical work. I've learned more in my first CTF than I ever have in the CEH. And actual up to date stuff to and not stuff that you can't even find in use anymore. @pstewart77 thanks for sharing those insights...certs are forgetting an interview...hands on shows what you know Very good info. Thanks for sharing. So, we can not forget eCPPT. eLearnSecurity is so good too. They are expensive @812teck, oh yeah. They are, unfortunately. Especially for me that I am not paid in US dollars. I do understand. http://www.darkreading.com/risk/10-security-certifications-to-boost-your-career/d/d-id/1322449?image\_number=3