Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Is there a scam in Security Certifications

from [Maudite MLRL] Network Security [Permanent Link]
Subject: Re: Is there a scam in Security Certifications
Date: Thu, 1 Jun 2006 07:42:06 -0600 
I too have the CEH, and the CISSP and soon CISA..... (some cisco, some
sniffer pro, ...)

They have not made a difference in getting positions for me. All have
been required after the fact and paid for by my companies to prove a
level of competence among the staff for some 3 letter agency.

Certs are what you make of them. I view it more as a training class
and the cert is a bonus. The CEH for me was very basic, most of my
free time went to talking with the instructor who was a professional
pen tester and did this part time for "special clients" (at this time
a 3 letter agency). We traded tools and scripts and tricks. That
networking made it' worth the $$ my company paid and I found another
resource for me when I run into a problem.

You can't base a persons competence on passing a test. I have run into
"expert" clients that have any mixture of certs. You need to put
together a base that allows you to know when you are being BS'd and
how to ask the pointed questions to root them out.

No matter what they say, its just a training experience. Certs are for HR.

Maudite
Senior Lead IT Auditor


On 5/31/06, xelerated <xelerated@gmail.com> wrote: 
Good research.... alarming to say the least.

I have a CEH cert. now im bummed.

But I also took the class. I did like the class, and it did have some
value for me.
I dont regret taking it at all. It filled in a few gaps that I had.

Makes me wonder about going after any others though.



On 28 May 2006 05:56:45 -0000, adich71@yahoo.com <adich71@yahoo.com> wrote:
> I came across these posts recently at a forum
>
>
> There is more hype than substance in EC-Council.
>
>
> Check this link 
https://esos.state.nv.us/SOSServices/AnonymousAccess/CorpSearch/CorpDetails.aspx?CorpID=429981
>
>
> EC-Council or International Council of ECommerce Consultants is a Nevada 
incorporated company and has NO office in New York as they claim. Pay them a visit 
and there is absolutely NOTHING there. Any enquiry called is always met with one 
response - please email. Try checking their claims before you invest in their 
products
>
>
> EC-Council had announced an university earlier this year at Wyoming. They 
claim the certifications would get credits for their masters program. Its a 
diploma paper mill at best that will have its license revoked sooner or later as 
per the legislature revoking all unaccredited programs. Check this link  
http://legisweb.state.wy.us/2006/Digest/SF0069.htm
>
>
> From their university website "EC-Council University is licensed by the State of 
Wyoming under Wyo. Stat. 21-2-401 through 21-2-407 and neither the Department of Education 
nor the Wyoming State Board of Education has accredited or endorsed any course of study 
offered by EC-Council University"
>
>
> If you check their members list as well, you will realize that most of them 
are ficticious or hardly involved. Renaming the only program they sell is not 
going to fool the government for long I guess.
>
>
> Check this link http://www.eccouncil.org/cnda.htm and compare it with 
http://www.eccouncil.org/CEH.htm - Its the same thing. What is the value for 
existing CEH if they are going to certify some of the candidates as CNDA?
>
>
> Everything is the same. There is no alteration. Its not just money here... If 
some of us are going to be CEH and some CNDA, wont one destroy the value of the 
other? They are out to squeeze every last drop of money they can - think about 
it... To do LPT, you must have attended training. Check their website 
http://eccouncil.org/lpt/LPT-Course-Outline.htm
>
>
> Look at the cost - 2500 USD and see what you get in return
>
>
> Plaque with your name on it
>
> LPT License card
>
> Resource CD-ROMS
>
> LPT T-shirts
>
> LPT caps
>
> LPT Certificate
>
> LPT Lapel Pin
>
> Membership ID
>
>
> The million dollar question - license for what???
>
>
>
> Why dont we go to archive.org to the wayback machine (as shown in CEH course) 
and look at EC-Council's site. ECSA / ECSP/ ECAD / LPT / etc have been announced 
more than a year ago. Why are there no certifications coming out yet?
>
>
> The funniest part is that nobody else claims LPT is prestigious - nor is 
there an industry demand or recognition. LPT will grant you the license (to do 
what???). Please mail them and ask what the license stands for?
>
>
>
>
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request@cenzic.com for details.
> ------------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------




--

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------

[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  CS-Mars appliance, Mark Teicher
Next by Date:  Intershop application - default passwords other than "operator", Petr . Kazil
Previous by Thread:  CS-Mars appliance, Mark Teicher
Next by Thread:  Re: Is there a scam in Security Certifications, Rick Van Luvender
Indexes:  [Date] [Thread] [Top] [All Lists]