Author Archives: vmtrain

EC-Council’s Take Down Con is Huge Success

The reviews are in from the EC-Council’s Take Down Con in Dallas a few weeks ago. We had the chance to speak to some presenters, instructors and attendees and the feedback is unanimous. The conference was a success. The conference was created to be a technical skill set leader in the field of pentesting and hacking, and it achieved that goal.

Other conferences in the security space often carry too few high-level tech presentations and too little instruction. They often offer blanket presentations that are geared more toward beginners. The few conferences out there now that are geared toward the higher-level security professional are very expensive and have recently received some mixed reviews, but Take Down Con blew them all away!

The feedback was that the conference was intimate and that its attendees had a much higher skill level than the norm. The EC-Council did a great job in bringing in some exceptional names and respected true professionals to offer high-level classes, speeches and presentations. The high level of content at this conference led to high-level discussions and idea sharing among the attendees at night and in between events.

Overall people really seemed to benefit from and enjoy this conference a great deal. It looks like EC-Council is really beginning to emerge as a leader in the technical conference space. The next Take Down Con is listed for Las Vegas in December, 2011.

For more information, visit the Take Down Con website.


The Ethical Hacker Club – MeetUp Group

Meetup.com has been serving as an excellent resource for bringing professionals together to talk shop for years. Now that the ethical hacking / penetration testing industry is as cool and popular as it is, ethical hackers are forming meetup groups to talk about ideas, exploits, techniques and the general trade.

The Ethical Hacker Club, which serves the Baltimore-Washington area, is an excellent group for people looking to know more and share more about the pentesting industry. If you get a chance, join them:

Ethical Hackers Meetup Group


Average Salary Value of the CEH Certification

There is a great post on the IT Training Blog about the Average Salary of the CEH Certification. The post covers data from a few different parts of the world where the CEH cert is most popular. The numbers seemed a little low to me at first, but after some more consideration, the CEH cert is a baseline hacking certification and typically is held by people with a lower level of pen testing experience. I’d be interested to see the increase in average salary of the ECSA cert, but there may not be available data for that yet. Check out the post here:

Average Salary of the CEH Certification


Assessing the Value of the ECSA and LPT Certifications by the EC-Council

The EC Council Certified Security Analyst (ECSA) and Licensed Penetration Tester (LPT) certification is the most advanced ethical hacking certification by the EC-Council. The certification is based on the analytical process of ethical hacking and complements the more basic Certified Ethical Hacker (CEH). While CEH presents hacking technologies and tools to the learner, ECSA focuses on analyzing what the outcomes of these tools are. Learners who go through ECSA training and certification are able to identify security risks to a network, system or infrastructure and mitigate these risks, thus keeping data safe.

Given the highly sensitive nature of this kind of training, it is important that learners enroll with licensed content providers called ATCs (Accredited Training Centers) and get authentic training from CEIs (Certified EC-Council Instructors). Achieving the ECSA certification ensures that you get a high quality, recognizable certificate, which can help you work on security architectures of many types.

The ECSA certification is approved by ANSI. Many of the other competing certifications are not licensed by ANSI and typically carry no value (Google “certified penetration tester” and see what arbitrary made-up wonders you come up with). Getting certified by such bodies is virtually worthless as anyone, literally anyone, can found their own “Certification body”. So stick with the ANSI approved certs like the ECSA and most of the SANS certs.

You must obtain the ECSA exam before enrolling for the Licensed Penetration Tester (LPT) certification. The LPT is advanced course content as well, covering pentesting and security based on intense past assessments and best practices.

Both the ECSA and LPT certification curriculum are developed by the top brains in the field. A minimum of 47 modules and topics are taught, including basics such as need for security analysis and War Dialing, Advanced Sniffing techniques, advanced wireless testing, log and snort analysis and advanced exploits and tools. Penetration testing includes pre-penetration testing checklists, VoIP, VPN, database, log management, broadband, Bluetooth/hand held and physical security penetration testing.

EC Council certifications are not just extensive but credible too. The ECSA and Licensed Penetration Tester certs are just now hitting the popularity levels that CEH was at about two years ago. Once CEH saturates in the market a bit more, expect these two certs to be right where CEH is now. Because, well, hackers aren’t going to want to stop learning how to hack. Right?


CEH v7

Certified Ethical Hacker Version 7 (aka v7) has been much anticipated for some time now. The certification has needed updating and version 6.1 only took the updates so far. CEH v7 is going to be a more difficult curriculum. It will include much improved instructor resources (like slides and diagrams etc.), more test-included modules and many new and advanced hacking techniques. Most importantly, the exam is changing. It is going to include a more difficult and updated set of questions. So far, the passing score is set to be the same, but the material / question base is what is changing.

More details can be found at the IT Training Blog.


Answering the Recertification Question about the CEH – Does It Expire?

The question that everyone is asking nowadays since the news of the CEH being added to the DoD 8570 directive is:

“Does my Certified Ethical Hacker Certification Expire?”

The answer: yes, it can expire. Now that the DoD 8570 directive features the CEH, the EC-Council was required to add an upkeep attribute to the certification’s lifespan. As opposed to asking people to recertify every few years (which is the more painful and costly option by far), the EC-Council has stated that CEH cert holders may maintain their certification by achieving a certain number of CEU (continuing education units) hours. These hours can be met by a wide variety of sources such as online webinars, seminars and related IT training courses such as the ECSA / LPT.



DoD 8570 Directive and the Certified Ethical Hacker

A further testament to two main trends arose recently when the DoD 8570 directive had Certified Ethical Hacker added to its list of certifications that prove worthiness to work in a certain capacity that serves the DoD community. Those trends are:

1) The Certified Ethical Hacker is, without argument, the hottest certification out right now.
and
2) Hacking / Pentesting is the future of IT security / information assurance workers.

Delving more into item #1, the CEH is the most highly sought after cert in the business. The searches per month on Google (use the keyword tool) will prove that to you if you need subjective information about that. The certification has been done the right way entirely, from top to bottom, by the EC-Council management. Marketing, content etc.

As for the second topic, hacking and pentesting have become the main training priority of information assurance workers. Not only are people going in large numbers to learn the concepts of the Certified Ethical Hacker, but now, more than ever before, employees are being trained on advanced defense tactics (i.e. from the ECSA / LPT) and advanced hacking concepts like the Advanced Penetration Tester (APT) certification. Sorry CISSP, but your days of being at the top are so limited it’s not even funny. Theoretical / conceptual information assurance practitioners are taking a back seat to people who can break into a network from a major corporation that has a huge annual security budget and spends millions on their firewall and security software. Because I would trust my network to that guy (again see APT).



What Is the Certified Ethical Hacker?

Hackers are one of the biggest problems in the information technology field. Companies and individuals are willing to pay huge sums of money for the security of their computer systems. One of the services that they will use is a certified ethical hacker. A certified ethical hacker is somebody that knows how to diagnose the weaknesses and vulnerabilities of a computer system. The ethical hacker will oversee all of the preventative measures that a company needs to make to its security settings so hackers cannot steal its sensitive information.

To become a certified ethical hacker, one must go through a rigorous process of training and be certified by the International Council of E-Commerce Consultants. A certified ethical hacker is basically a penetration tester. They approach a computer system the same way that a malicious hacker would and begin a series of tests on the network. To become a certified ethical hacker, you must go through an accredited training center or you can opt for self-study. If you go through the self-study route, you must prove that you have worked in the information technology security field for two years. This exam will cost around two hundred and fifty dollars.

Ethical hackers are in great demand. Everything is turning to the online market for business, so the need for security professionals is only going to increase in the coming years. To begin with your career, you may need a bachelor’s degree or a master’s in computer science or have a good deal of experience or related certifications under your belt. You will need to know how to infiltrate and protect computers by wireless technology, wired technology, and local area network access. You will also have to have a good grasp of Windows, Macintosh, and Linux operating systems.

If you love computers and like working in an exciting environment, becoming a certified ethical hacker could be the career you’re looking for. You will need a vast knowledge of computers, networking technology, and wireless systems to pass the certification test. All certified ethical hackers are required to get re-certified every three years.

This course will not only help you in the professional realm, but will also give you the skills you need to protect yourself while you’re online.


