This is a short outcome-focused review of the certification vendors Sam Lyhin had a chance to work with.
Offensive Security
As result, the certified employee would tend to:
- Be proactive
- Be emotionally competent in terms of breaking cybersecurity on the chosen topic (tryharder!!1)
- Change their system of hack thinking, for good or bad
- Tangibly increase their salary expectations
In the case of adversity, they probably would say: “I’ll do that” and will try harder until they die, and then they would try it again.
The key points for effective learning from OffSec:
- The enormous willingness to learn what was created before. OffSec mostly uses the case-based approach to teaching. Z-generation might find Offsec mentally taxing
- Previous experience in IT. Be ready to follow and sometimes to break the “OBEY” atmosphere
- The soft skills to forgive and to be grateful
INE/eLearnSecurity
As result, the certified employee would tend to:
- Be confident
- Have hands-on experience on specific narrowly focused subject-matter topics
- Create their own system of hack thinking. This system might lack interconnection between the topics
- Tangibly increase their salary expectations
In the case of adversity, they probably would say: “Look, there are the top 4 techniques for it, let’s try them all”. If this fails, they might go cry in the bathroom just like OffSec specialists would do if no one helps them at the right time.
The key points for effective learning from eLearnSecurity:
- The willingness to get hacking methodology in a more-or-less systematic way
- Be attentive to non-real-life, unreasonably tricky details
- Be capable of systematically working on lab materials step-by-step, every day, in small pieces during some time. By the way, this works good for well-motivated Z-generation colleagues
PortSwigger
As result, the certified employee would tend to:
- Increase their motivation of doing ethical hacking
- Know where to find the theory to cover the 80% of real-world cases
- Have at least the low-quality hands-on experience, but in the wide range of topics
- Increase their salary expectations to the level of certified junior pen testers
In the case of adversity, they would ask their friends for help.
The key points for effective learning from PortSwigger:
- The willingness to know “cool hacks tricks”
- The honesty. Students should read articles and apply the discovered knowledge in the circumstances when they can painlessly use the solutions
- Low subject-matter skills are required to start.
SANS/GIAC
As result, the certified employee would tend to:
- Be proactive
- Be the self-confident decision-maker who feels enormous power of systematic thinking and knows where to find relevant cases all the time
- Tremendously increase their salary expectations
- By facts, requires continuous practice for at least a year to build the true confidence of what was taught in classes
In the case of adversity, they probably will say: “I feel like I know how to fix it; please give me X (four) hours to suggest a decision we should make”, and they will return with a couple of choices, sometimes however while making mistakes.
The key points for effective learning from SANS:
- Business focus
- The clear purpose of being there
- The ability to systematically deliver value to business before joining SANS
EC-Council (CEH)
As result, the certified employee would tend to:
- Be reactive
- Be capable to suggest good quality decisions 60% of the time
- Have decent systematic thinking and subject-matter expertise
- Lack technical expertise
- Have almost the same salary expectations as a non-certified specialist.
In the case of adversity, they probably will say: “do you really care about this? hey man, you just need XXX, come on. Oh, this will not work? I don’t know how to help you. Please ask someone else. Oh, you think I’m responsible for that? alright, I’ll do my best”. And they will do their best.
The key points for effective learning from EC-Council:
- The ability to read, systemize and memorize
- The willingness to “be a hacker”
- The readiness to do the routine job