Listing of Security Related Certs I have compiled

This is the long and convoluted list facing IT security Professionals. I will re-categorize by skill and review if i have some time later =) For now know that all these are only as good as what your employer is looking for. Exemptions imo are OSCP, CISSP, GSE. These are the three I aspire to.

(CPTS) Certified Penetration Testing Specialist

http://www.mile2.com/Exam_MK0-201_CPTS_Certified_Penetration_

Testing_Specialist.html

(CPTE) Certified Pen Testing Expert

http://www.mile2.com/Certified_Pen_Testing_Expert_CPTE.html

(CISSP) Certified Information Systems Security Professional

https://www.isc2.org/cgi-bin/content.cgi?category=97

(CWSP) Certified Wireless Security Professional

http://www.cwnp.com/cwsp/

(CEH) Certified Ethical Hacker

http://www.eccouncil.org/ceh.htm

(ECSA) EC-Council Certified Security Analyst

http://www.eccouncil.org/ECSA.htm

(LPT) Licensed Penetration Tester

http://www.eccouncil.org/LPT.htm

Security5

http://www.eccouncil.org/security5.htm

(S+) Security+

http://certification.comptia.org/security/

(SCNS) Security Certified Network Specialist

http://www.securitycertified.net/SCNS_certifications.htm

(SCNP) Security Certified Network Professional

http://www.securitycertified.net/SCNP_certifications.htm

(SANS) SysAdmin, Audit, Network, Security Institute

(GISF) GIAC Information Security Fundamentals

http://www.giac.org/certifications/security/gisf.php

(GSEC) GIAC Security Essentials Certification

http://www.giac.org/certifications/security/gsec.php

(GPEN) GIAC Certified Penetration Tester

http://www.giac.org/certifications/security/GPEN.php

(GCIH) GIAC Certified Incident Handler

http://www.giac.org/certifications/security/gcih.php

(GSE) GIAC Security Expert

http://www.giac.org/certifications/gse.php

(SCNA) Security Certified Network Architect

www.securitycertified.net/SCNA_certifications.htm

(SSCP) Systems Security Certified Practitioner

https://www.isc2.org/cgi-bin/content.cgi?category=98

(CNDA) Certified Network Defense Architect

http://www.eccouncil.org/cnda.htm

(CIW) CIW Security Professional/Analyst

http://www.ciwcertified.com/exams/1d0470.asp

(OSCP) Offensive Security Certified Professional

https://www.offensive-security.com/ilt.php

(OSPA) OSSTMM Professional Security Analyst

http://www.isecom.org/projects/opsa.shtml

(OPST) OSSTMM Professional Security Tester

http://www.isecom.org/certification/opst.shtml

(BISA) Brainbench Information Security Administrator

http://www.brainbench.com/

2 thoughts on “Listing of Security Related Certs I have compiled

  1. OSCP is the best technical certification program I have seen so far, especially to 2008/2009 standards. GSE just has insane requirements and a minimal set of people have met them (11 in 5 years?!).

    OPST is very forwarding looking. This is only worthwhile if you have mastered the technical focus of your career and want to postulate what is possible on the strategic process side. It could also become a dominant measure of tactical technical ability, but in 2008/2009 it is not quite there yet.

    CISSP and all ISC2 certifications are on their way out, regardless of the promises, the re-certification, and the continual education processes. However, many venues will continue to worship them for an unknown reason.

    One of the major institutions requiring certification is the US military and government information assurance programs. The DODI 8570.01M is the manual that anyone interested in certification should read (please don’t read just the SANS version, they are very biased).

    SCNP/SCNA is a very good path to take for the IAT track – the material is good and widely available. SANS and ISC2 pretty much own all of the other track paths, although the CERT CSIH and ISACA CISA keep the program somewhat vendor neutral.

    I have never considered ISC2 or SANS to be vendor neutral (they are vendors in my mind). However I have some nice things to say about SANS, but they are hit or miss and will have to wait for another time.

    OSCP is certainly worth everyone’s time and energy. While there is more depth to CWSP, I think OSWP is more relevant today. I do not like the OSWP reliance on Backtrack tools, even though right now they happen to be the most complete.

    OSWP is going to be both important and popular soon. The training and certification are cheap, consistent, and timely. This is a serious win. Although the syllabus for OSWP is awesome — the SANS Wireless Ethical Hacking Pen-Test course appears to be even better if you check out Days 1-6 in detail. I would recommend both to those who want to specialize in WiFi/WEP assessments. Woops I just said something nice about SANS training, although you should note that it is incredibly expensive and taking 6 days out of your work life might be a pretty big deal.

  2. haha! good comments ntp!

    I will take all these into account. Email me sometime, i’d love to chat more about security =)

Leave a Reply

Your email address will not be published. Required fields are marked *