6

I've looked at the questions regarding certifications on this site and they are essentially asking what to go for.

I hope that my question is distinct enough that is is not considered a dupe.

I travel a lot and frequently, so am looking for a certification that is accepted in many countries. The CISSP would serve this but is too basic. CREST looks interesting but it is UK only.

GPEN cert from GIAC seems nice, but the associated training is rather expensive and I don't want to be paying that much to learn what I may already know.

I am ware of online courses such as those offered by Offensive Security, just in case they have the same stigma associated with them that are associated with online degrees. I was considering paying for the Offensive Security course and taking the GPEN exam, however the OS course seems rather Backtrack specific.

I would really like some recommendations for an internationally recognized pen tester cert that is not at a beginner level.

Sonny Ordell
  • 3,476
  • 9
  • 33
  • 56
  • Just curious if anyone answering this question has considered IACRB's Certified Penetration Tester? Seems like it might still be entry-level-ish to me, along the same ranks (maybe slightly higher, given the "practical test" requirement) as CEH. – Iszi Nov 22 '11 at 22:23

2 Answers2

4

CREST is now being offered in the US, and Germany is looking to implement it soon. Other countries are coming on board in the near future.

Rory Alsop
  • 61,367
  • 12
  • 115
  • 320
  • Ahh I was not aware of that. I was going by a previous answer you gave saying it was UK only and had not realized it had branched out. How would you say it compares to the GPEN cert? – Sonny Ordell Nov 19 '11 at 10:45
  • 1
    Ill need to update that old answer:) In terms of comparison, CREST is considered the gold standard as it tests you in a real world environment. You can use whatever tools you feel appropriate. – Rory Alsop Nov 19 '11 at 11:38
  • CREST say they are the gold standard on their website as well, but I worry it is not as recognized as a GIAC cert. How would you say the exams compare as far as being theoretical vs practical? – Sonny Ordell Nov 20 '11 at 05:51
  • The core of the CREST assessment is an intense assault course which challenged the best of my testers. Very practical, very up to date. A pass also gives equivalency to UK government CHECK rating. GPEN I know less well, but it is more theoretical. – Rory Alsop Nov 20 '11 at 12:41
  • I am not confident that I would pass the CREST course given how intense it is. Could you recommend a training course that may cover the more advanced material, or is there anywhere I can get a better idea about what is in the assessment? – Sonny Ordell Nov 20 '11 at 16:43
1

You might consider CEH (Certified Ethical Hacker), which is going quite into detail of pentesting. Not sure where it is covered, but as far as I know it's globally.

Henri
  • 1,525
  • 10
  • 11