Security Certification Path

  • CEH (Certified Ethical Hacker) was a great program and definitely my favorite certification training thus far (I have alot of certs). Now I am looking for the logical next step for security. CISSP seems to be what alot of employers want, but the CISSPs I meet don't seem knowledgeable at all. I feel like I learned much more than they did with CEH.

    I was thinking about taking a cert from Offensive Security (the creators of Kali Linux). The pre-requisite is a course called "Penetration Testing with Kali" It seems similar to CEH so I should be able to breeze through it. What is cool about this course is the testing is all lab based. You get a month or two (however long you pay for the labs) to show competency with Kali Linux. That course doesn't give you a cert, but then it allows you to get the OSCP certification.

    The OSCP test is another hands on test where you submit a pen test for a company they build in the lab. If you do the pen test correctly, you pass the cert. It's a 24 hour exam which IMO is more realistic then multiple choice. In the real world you perform work, not answer multiple choice questions.

  • This is probably the most reasonable pricing I have ever seen for any certification. $800 for a complete course, lab access, and certification test. Not to mention it is only $60 to retake which is awesome.


  • No thoughts? advice?