Hey all, so I am currently studying for my CCIE security which my work is supporting me on, however another need has arisen that they want me to take on. They are saying, have a break from the Cisco world, and help us out. Fair enough I say, my head is going to explode! They need penetration testing done and have offered me the opportunity to do the training and then conduct the testing. This serves them the benefit that the person who finds the holes, etc. will also be the one fixing them.... So from my research I have found 2 courses that essentially start me down this path. The first is the Certified Ethical Hacker, by EC-Council http://www.eccouncil.org/ceh.htm The second is Penetration Testing, by Offensive Security (child training group of makers of BackTrack) http://www.offensive-security.com/penetration-testing-backtrack-online-training.php I personally find security interesting obviously, so I will thoroughly enjoy either of these, however I was wondering if anyone here has done either of these, or both, and can make any recommendations? I have the choice, and I wish to gain from whatever training I do personally so that it can be added to my current certification list. If following the EC-Council path, I would like to go on and do the Certified Security Analyst, and the Licensed Penetration Tester. If following the Offensive Security path, I would like to do all the courses they offer. Anyone had experience here?
I have my CCNA, NET+, SEC+, CCSP, ITIL, VCP, studying for CCIE-sec, and a few others that I cannot think of right now! Too many damn acronyms! I saw the CISSP as something I may want to do when I want to be less technically involved down the track.
Hey Yodaa. Security is also something that greatly interests me, although it is not much of my line of work at the moment. I would like to study it but right now just start studying so cheap/free is good, would you have a good place to start? Don't worry, I want to learn to prevent, not exploit. Good luck with whichever course you choose.
Well I am lucky in a sense that I like security, and I work in security. That said I think one of the above streams would definitely take my knowledge to a new level.
What about a GIAC (Global Information Assurance Certification) like GPEN from the security admin stream? (http://giac.org/certifications/security/GPEN.php) The SANS Institute originally set GIAC up. Can't say that I know anything about the cert but I've liked some of the papers that come from SANS - the cert is supposed to be vendor neutral... Looks like there's a SANS conf in Sydney in November as well if that's of any help.
If you want to get into penetration testing, you'll need to start mingling with the right crowds. You won't learn anything overly useful out of a text book... Do you read any of the security sites around the net, that 'half' publish vulnerabilities, etc?
/me follows with interest, exactly the sort of career I'm interested in, I'm guessing getting Cisco certification is a good start? What other types of knowledge would be recommended?
I have a GIAC certification through SANS - I'd definitely recommend it. The course material is excellent, up-to-date and platform independent. The sessions I attended were very much hands on (although this depends on the instructor to some degree). There's no substitute for actually trying out the techniques as you go.
Man, forget the certs for a while. Get your hands dirty...really dirty and then think about the certs maybe one day when you are really bored. I have zero certs and do security consulting work for the largest corporations in Aus and the world. Essentially you need to become a networking grand master...then learn how to apply that to security. Do you need to do pen tests or vulnerability assessments? There is a MASSIVE difference! After you are all learned up do some courses to feel good about your m4d skillz. One thing most people overlook is actually your non-technical skills. Can you be put in front of a client? How do you handle pressure in extreme situations? Can you present your point of view to anyone at any level? Sit in a boardroom full of "experts" and shoot them down. Check out the OSSTMM - http://www.isecom.org/osstmm/ Grab metasploit, visit milw0rm, offensivecomputing, etc. Grab every security tool you can lay your hands on for windows, nix, os x, bsd. Set up a test environment and play and play and play...
I'm not sure about the other certs, but don't do the CEH course. It was fun, and you do learn some techniques, but overall I wouldn't recommend it. Like IACSecurity said, it is very US centric, and the support for it is in Singapore.
Offensive Security Hands Down. I recently was privy to trying two different security certifications and as with all security certs they have their ups and downs. Many focus mostly on theory and very little practical use of the tools of the trade. As with other certification exams they tend to be as easy as doing the old "ABBACADABBA" trick you may have done in school. This is not the case with certs from OFFSEC. Their PWB - "Pentesting With Backtrack", is also a challenge to many seasoned professionals and an eye opener for the next generation of security professionals. The other certification I took was SANS 560, GPEN. This is also a challenging certification in the essence I did this without using any class materials and was still able to pass this certification exam in 56 min. The exam allots you 4 hrs! I acquired my PWB certification and have gone back for more pain and sufferance by continuing with their certification suite. Currently I am in CTP - "Cracking The Perimeter" class for OSCE "Offensive Security Certified Expert". My recommendation is to consider http://offensive-security.com over other certifications. I only wished more certifications were based on practical knowledge.... Certifications are an investment in your career! Invest wisely. Thank you and Good Luck with your career path!
Thanks subinacls. I have applied for the WiFi cert as a taste of what the courses are like. It sounds impressive so far. I will then move on to PTwB and CTP.
I want to gear myself towards penetration testing and exploitation techniques. The aim at the moment is external pen testing techniques. OffSec seems to offer this line of training. Also IACSecurity, no offense but who said I have accepted the advice that I want to hear? And how do you even come to a judgment like that? Let's not make accusations regards what I am and am not doing. Do you have any idea how much research I have done regards this issue? In a sense your comments have made me lean towards the OFFSEC stuff as you have made some comments warning to steer clear of CEH, so in respect to the OP, that's helped me make a decision so I don't quite know what you are getting at with your above comment.... I will take whatever advice I want to take as that's a decision I make based on the kind folk in this thread, you being one of them, that have contributed their opinions in this field. Whilst it may not appeal to some, it does to me.