
I have been asked to compare "officially" some pentest certifications, namely:

  • GIAC
  • CEH
  • OPST
  • OSCP
  • ...and if you have some more, they're welcome!

Now, I have my points of view and I don't want to be biased by them, hence I would like to ask you if you have some references to benchmarks or comments around the network. And yes, I know Google's a friend, but people's minds work somehow better. Especially considering that this is a heavily "sponsored" topic.


1 Answer


Really haven't too much experience with most of them but my two cents:

GIAC - has a lot of certifications, lets you specialise on what is most relevant and dig deeper into that topic so if i.e. you are working on pentesting web-applications or writing secure web-applications they should be great.

CEH - Covers a lot of ground in the same certification as far as I know. So demonstrates general overall security competence.

As for the other two you mention I have no in-depth knowledge so I refrain from commenting. You could also take a look into the general ISACA certifications CISSP/CISA but they are really not pen-testing. So my advice is either specialise or go with the most fitting GIAC/SANS certification/training. I went with GIAC after some consideration.

  • I have already my own certs, and that's why I wanted to see other people's opinions. In detail, I'm already an OPST, a CISSP, and a CISM, among the other ones. However, I don't want to use my own opinions, because, as said, they're biased. – gbiondo Jun 22 '14 at 18:57