Jump to content

The Ultimate Infosec Certifications Guide


MalwareTech
 Share

Recommended Posts

Looks useful!

Out of curiosity, what's the MalwareTech take on the OSCP? Seems to still be regarded as the gold standard for pentesting by HR departments, but are there better certifications out there?

Link to comment
Share on other sites

10 minutes ago, Stak-One said:

Looks useful!

Out of curiosity, what's the MalwareTech take on the OSCP? Seems to still be regarded as the gold standard for pentesting by HR departments, but are there better certifications out there?

I don't really know anything about it because I haven't ever taken any certs

  • Like 1
Link to comment
Share on other sites

40 minutes ago, Stak-One said:

Looks useful!

Out of curiosity, what's the MalwareTech take on the OSCP? Seems to still be regarded as the gold standard for pentesting by HR departments, but are there better certifications out there?

For what it's worth from me, it's going to vary wildly with each business, if their HR staff is actually versed in what certs are good, it's the gold standard. If not, the CEH seems to be more well known and a more attractive cert for hiring managers even if you and I know it's pretty garbage.

  • Like 1
Link to comment
Share on other sites

21 minutes ago, Vetrinus said:

For what it's worth from me, it's going to vary wildly with each business, if their HR staff is actually versed in what certs are good, it's the gold standard. If not, the CEH seems to be more well known and a more attractive cert for hiring managers even if you and I know it's pretty garbage.

It will vary massively between business, industry, and even geography. It's up to management / leadership to steer HR into valuing certain certs, degrees, experience, or education over others. HR knows nothing about the subject matter (even though they may try to claim they do). It's a dance that needs to occur between management / leadership and HR to set up the right recruiting, compensation, retention, training/development, and etc program for professionals. 

  • Like 1
Link to comment
Share on other sites

1 hour ago, MalwareTech said:

I don't really know anything about it because I haven't ever taken any certs

FWIW: I am not a pentester.  I spend my day in Excel and PowerPoint, and the occasional Friday afternoon nmap'ing my way around our internal network looking for things to compromise.  My other certs are for sysadmin roles (redhat / jboss), but I do have CEH (lol) and CISSP....

I took OSCP in 2018 (before all the AD stuff was added) because I wasn't sure what to do next.  I found it to be a good laugh, not too difficult and the BOF stuff was quite trivial and entertaining to learn.

Prepped with HTB, did 90 days labs and then took the exam, passing first time.

It feels like it could be useful if you're a pentester - certainly it'll get you through recruitment droids as it's seen as the 'gold standard' in most business circles for pentesting gigs, but if *I* can pass it first time, it has to be considered an entry level certification.

Personally, believing that certs will give you a successful career is not going to work.  You have to show your own determination and drive.  Certs are usually introduction to a topic, passing an exam shows you have the basic knowledge, but the real learning is done in the real world.

  • Like 2
Link to comment
Share on other sites

2 minutes ago, clarkee said:

occasional Friday afternoon nmap'ing my way around our internal network looking for things to compromise. 

Does your company know you are doing this? If not, I would worry about their ability to find a real adversary snooping around inside 😅

Also, be careful if you don't have permission to do this. If something breaks, you'll be the one holding the bag as they find who to blame and fire. 

Link to comment
Share on other sites

2 minutes ago, doctor_tran said:

Does your company know you are doing this? If not, I would worry about their ability to find a real adversary snooping around inside 😅

Also, be careful if you don't have permission to do this. If something breaks, you'll be the one holding the bag as they find who to blame and fire. 

Yes, I got permission from the Chief Security Officer before I started 😉

Link to comment
Share on other sites

15 minutes ago, clarkee said:

Yes, I got permission from the Chief Security Officer before I started 😉

This is the way 😎

  • Like 1
Link to comment
Share on other sites

3 hours ago, Stak-One said:

Looks useful!

Out of curiosity, what's the MalwareTech take on the OSCP? Seems to still be regarded as the gold standard for pentesting by HR departments, but are there better certifications out there?

I may not be malwaretech, but from what I heard the OSCP is "artificially made difficult" by the constraints set for the exam. I took the eCPPTv2 and it was a somewhat realistic pentesting scenario (although a bit outdated and for some maybe "too easy")

But I think in terms of HR filtering OSCP seems to be the main focus for most companies. But eCPPT as well as PNPT are catching on - they're just not as recognized right now as OSCP.

Edited by Zanidd
  • Like 1
Link to comment
Share on other sites

I'm always surprised by where a lot of these certs are placed along the Y-axis. BTL1 seems more like a beginner cert, for example.

  • Like 1
Link to comment
Share on other sites

11 hours ago, garandou said:

BTL1 seems more like a beginner cert, for example.

i just did the BTL1 about 3 days ago because bought it 4 months ago. 

just did around 1/4 of the Learning topics and a few labs. Passed the exam on first just because i know many of the "basic concepts" as a blue teamer 

  • Like 2
Link to comment
Share on other sites

1 hour ago, Florian said:

i just did the BTL1 about 3 days ago because bought it 4 months ago. 

just did around 1/4 of the Learning topics and a few labs. Passed the exam on first just because i know many of the "basic concepts" as a blue teamer 

That's the sign of a good cert, imo. I hate the ones wherein passing is more about knowing how to take the exam than knowing the skills.

  • Like 1
Link to comment
Share on other sites

47 minutes ago, garandou said:

That's the sign of a good cert, imo. I hate the ones wherein passing is more about knowing how to take the exam than knowing the skills.

True That

 

but it is def. entry level or "that level should be entry level"

  • Like 2
Link to comment
Share on other sites

4 hours ago, garandou said:

That's the sign of a good cert, imo. I hate the ones wherein passing is more about knowing how to take the exam than knowing the skills.

I think in that regard OSCP and eCPPT are a "good" cert to assess offensive sec skills. They both have a black box "pentest"-like environment that you need to pwn and write a report.

Link to comment
Share on other sites

I was looking for exactly something like this, cheers.

Although my second problem is I am a beginner and can't decide what subfield I enjoy the most. Just kinda following what I think my strengths are.

Don't know if i want to go for something like Linux+ or Security+ or both.

OSCP for sure.

 

Link to comment
Share on other sites

19 hours ago, Zanidd said:

I may not be malwaretech, but from what I heard the OSCP is "artificially made difficult" by the constraints set for the exam. I took the eCPPTv2 and it was a somewhat realistic pentesting scenario (although a bit outdated and for some maybe "too easy")

Artificially difficult?  Do you mean the moderation conditions?  I can understand why they enforced moderation after the level of fraud they were seeing, and the exam dumps that were made available online... either way, not a hard exam if you've ever run nmap and know how to search exploit-db 😄

6 hours ago, Florian said:

i just did the BTL1 about 3 days ago because bought it 4 months ago. 

just did around 1/4 of the Learning topics and a few labs. Passed the exam on first just because i know many of the "basic concepts" as a blue teamer 

We run all our SOC resources through BTL1, I'm planning on taking it myself this year in an attempt to stay connected to the fun end of the work...

  • Like 1
Link to comment
Share on other sites

3 hours ago, clarkee said:

Artificially difficult?  Do you mean the moderation conditions?  I can understand why they enforced moderation after the level of fraud they were seeing, and the exam dumps that were made available online... either way, not a hard exam if you've ever run nmap and know how to search exploit-db 😄

We run all our SOC resources through BTL1, I'm planning on taking it myself this year in an attempt to stay connected to the fun end of the work...

No, I was referring to the restriction of tools and the set time-limit.

Link to comment
Share on other sites

32 minutes ago, Zanidd said:

No, I was referring to the restriction of tools and the set time-limit.

gotcha!  24 hours *is* plenty of time... and the only restriction i saw was you're only permitted to use metasploit *once*.....

  • Like 1
Link to comment
Share on other sites

I long for the day that CEH gets removed from the planet, such a lame cert, can't believe some employers still require it. It's multiple choice lol (last I checked)

  • Like 2
Link to comment
Share on other sites

wasn't there also a shit storm against EC Council because they behaved like assholes? hatespeech, rascis, misogyn etc? 

Edited by Florian
Link to comment
Share on other sites

1 hour ago, clarkee said:

gotcha!  24 hours *is* plenty of time... and the only restriction i saw was you're only permitted to use metasploit *once*.....

I mean it’s probably doable in 24h with enough red bull, but why not give it a day more…

also they have a full set of restrictions, which outlines multiple tools/techniques

Link to comment
Share on other sites

they want you to understand what you're doing, and not just fire automated tools at the targets.  this doesn't make the exam hard, it's very straightforward.  again, 24 hours is *ages*, and you are allowed to take as many breaks as you want, even go to sleep 🙂

image.png.3e092d8f1dbc909606b3233c5d46ab7c.png

  • Like 2
Link to comment
Share on other sites

19 hours ago, clarkee said:

they want you to understand what you're doing, and not just fire automated tools at the targets.  this doesn't make the exam hard, it's very straightforward.  again, 24 hours is *ages*, and you are allowed to take as many breaks as you want, even go to sleep 🙂

image.png.3e092d8f1dbc909606b3233c5d46ab7c.png

Yeah, I agree. 24 hours, plus another 24 to write the report is pretty long, as exams go. And I appreciate that passing the exam actually demonstrates that you know how to do things step by step rather than relying purely on tools. Which you might be unable to use in an actual test (looking at you, Metasploit; AV has a tendency to not like meterpreter much). I do not have the OSCP yet, btw. I am training for it atm, though. Have to admit: I'm not finding it all that easy.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...