From time to time, MyCPEs.com will spotlight certifications, certifying bodies, or providers of great continuing education content across all professional industries. In this spotlight, we’re highlighting Offensive Security and their Offensive Security Certified Professional (OSCP) certification, which is based on their Penetration Testing Training with BackTrack course.
We chose Offensive Security for our inaugural Spotlight because of their unique approach to certification in a field that is extremely technical, constantly evolving, and a highly sought skill set within the IT security community – penetration testing.
Many (if not most) certifying bodies use multiple choice tests to assess knowledge and substantiate proficiency in a certain professional discipline either by choice or because the expertise in the subject matter cannot easily be demonstrated (vice tested) by potential candidates. For example, it would be tough for the Project Management Institute to derive a mechanism to demonstrate proficiency for project management professionals in any manner other than a written test. The alternative might be to give candidates a project to manage, monitor their approach, evaluate the success of the project, and only then provide their PMP credential? That’s really not reasonable or feasible. However, in the world of penetration testing, this is exactly the approach that Offensive Security takes. They require their candidates to demonstrate proficiency in a lab rather than simply memorizing facts and regurgitating them on a written test.
I recently conducted a short, written interview with Mati Aharoni, Founder and Lead Trainer at Offensive Security, about Offensive Security’s model for certification. Mati wrote, “What we are testing is two-fold. First, the technical skills that you have obtained in the course of training. Second, we are testing your ability to think out of the box in a real world situation. Some of the systems the students encounter in the course of the exam are not covered directly in the course of training, however by using the skills that are covered in the training, they should be able to solve the problems. While some may consider this to be unfair, we believe this is extremely important to ensure that all certified personnel have proven they do far more than simply memorize and regurgitate information.”
Taking this approach really sets Offensive Security apart from their counterparts in the penetration testing certification arena. The OSCP credential substantiates real-world skill sets by requiring candidates to immerse themselves into a diverse environment where they are expected to craft custom exploits, seek out and identify security flaws, and ultimately exploit weaknesses within the environment in order to successfully navigate the certification process. Penetration Testing with BackTrack, the training the certification is based upon, simulates a full penetration test from beginning to end and provides each student with knowledge about necessary tools and testing/exploiting approaches required to compromise targets during the certification challenge.
I asked Mati about the pass/fail rates they typically see with the OSCP, and while their official policy is not to comment on these rates, he did offer some insight about the difficulty of the exam, “…We do experience that students are required to put significantly more effort than what they may be used to from other certification scenarios. Those that don't put out the effort often find they have to re-take the exam.”
When asked who the ideal candidate for the OSCP was, Mati wrote, “Our ideal candidate is someone that has a strong technical background that has experience in both Windows and Linux, with a solid understanding of network administration. Additionally, our courses require a strong commitment and the sort of personality that is determined and motivated to obtain a solid understanding of information security issues. It is worth mentioning that the current Penetration Testing with Backtrack course was originally named Offensive Security 101 as we felt it represented the foundational level of understanding that is required in the industry. However we found that students that had previously attended other training programs were unprepared for the level of effort that our course required. In the end we had to change the name to Penetration Testing with Backtrack in order to better set expectations.”
My summation? The OSCP is the real deal. The CTO and Lead Security Researcher at Proso , Nick Popovich, has had nothing but great things to say about his experience traversing the OSCP training and certification process. He notes that this particular certification is truly a difference-maker when it comes to pursuing penetration testing work in both the private and public sectors.
The OSCP has been offered by Offensive Security since 2006. On its merits, it has truly gained traction in the information security and penetration testing segments of the IT business. Largely, I assume, because of the value it brings to organizations that do in-house penetration testing or provide penetration testing services. Mati also pointed out that Offensive Security, “has students from various backgrounds outside of security that gain a lot from the courses. For instance, system administrators find that the understanding they gain in the course of the Penetration Testing With BackTrack gives them a deeper understanding of not just how to better secure their systems from attack but also stretches them and helps them be better system administrators overall. This is true as well for our Advanced Windows Exploitation course, as Windows programmers find they gain a better understanding on the sorts of common mistakes that are made in programs that allow exploitation to occur.”
The approach used by Offensive Security is one that garners a lot of respect in the information security arena. It's a shame that all certifications cannot be provided based upon performance and demonstration of mastery of a particular discipline, but because of the nature of many disciplines, this approach to certification is simply not an option and multiple choice tests must prevail. I wonder why all certifications that could be validated by demonstration are not, and why the multiple choice test is the preferred method for credentials that could be confirmed in more meaningful ways.
MyCPEs.com is a free online tool built to help certified professionals manage and track their continuing education. Sign up for a free account now.