How you can get eCPPT for a reasonable price and why INE's Cyber Security Pass is a good deal for a company

During the last days, I got a ton of questions about this certification and how to get it. eLearnSecurity (eLS) is now a certification company without courses and all eLS courses are available via INE's Cyber Security pass. This pass is $2,000 a year (try the bonus code els-cyber to get 40% off) and is does not include certifications.

This article shows a way to get this certification without paying so much and why the new pass can be very valuable for your company.

What is eCPPT

Maybe not everyone knows what eCPPT is. The following picture shows some key features:

Two days ago, INE's new Cybersecurity pass hit the market. The webinar answered some questions, but not everything. Many people got shocked about the huge price jump. The old eCPPT was $1,200 (with 35% off) and now you have to pay at least $2400 to get the material, the labs, the videos and the certification.

INE's Cyber Security Pass

The new pass allows access to blue and red courses with unlimited lab hours. The next picture shows the Cybersecurity Pass (pricing aspect) in detail:

At the moment, one pass for $1999 is valid for 1 year. If you have a company or in the right position, think about this offer. You can train your employees for $500 per person!

Not everyone has an employer and not every employer pays for education. Maybe you are in India or other similar countries and $2400 is far beyond your possibilities and you need an alternative.

How to get eCPPT certified without paying so much

You can take eCPPT with buying the exam voucher and you can get the required knowledge somewhere else. What do you need? The next picture gives you an idea:

This picture looks crazy, but getting such a certification like eCPPT is not an easy thing. On the left side are the exam topics. You can find them on the official web page. The bullet points are very generic, but little by little you can learn it. OSCP has similar points, but not everything is the same.

Your price to get eCPPT certified

Do you like this crazy picture? Yes -> Okay, let us talk about price first, because if you cannot afford it, there is no need to talk further and waste your time. How much do you have to spend to get eCPPT certified:

You can see, the price is up to you, but $400 is the minimum. You have $700 and 500 hours free time, great! If not, maybe you can skip vhl and add 3 months in HTB or tryhackme.

One way to go

You checked your wallet and you can start? Let us talk about the crazy picture again. The picture showed you different paths to get the knowledge and it was not structured. You want to become a pen tester... do not work like this. Organize it and create a useful plan:

This picture shows you one possible way to go. It is not the golden standard and does not show a perfect path, but you can use it and adjust it according to your needs.

The PTP course material and the labs are great. There was no reason to look further. You cannot find much about PTP and eCPPT because the course included 6500 pages and googling was rarely necessary. This is the reason why you have to look for OSCP ideas and material. This will change in the next years, but at the moment, it is like it is.

Understand the differences between OSCP and eCPPT! If not, you cannot pass the exam. You have to add more things compared to OSCP, but you can use every single tool. You have access to the Cobalt Strike attack framework... or Metasploit Pro use it, it is okay. Learn to pivot and be ready to be challenged.

Your lab at home

You should build your own lab:

An own lab is one important step to your success. I had access to the Hera labs and used it for >500 hours, but I still used my own lab a lot. -> It helped me to pass the exam.

Websites

You do not have access to the great labs, therefor you have to learn how to google. At the beginning, you try a machine and it does not work... google for walkthroughs. If you have a problem: Use google.

Here some ideas and great web pages:

The web is dynamic, tomorrow some links will not work anymore. Do not complain about it, you cannot prevent progress, and changes.

Tools

Now, we can talk about tools. Tools are tools and if one tool does not work, google and try a different one. The next picture shows you some ideas. The tools are not specific for eCPPT but if you known a lot of them, you are on a good path:

My last big tip is:

Do not start this journey alone. If you can do this with a friend, your chance to to knock out the cert is much higher. Not a little, it is significantly higher, especially if you do not have a matching IT background...

The red side is incredibly challenging...

.... you knocked out eCPPT... the learning just started, sorry....

Is eCPPT worth it or not?

The biggest competitor for eCPPT is OSCP. OSCP is the HR gatekeeper and was for years the main penetration testing certification. On LinkedIn, we have about 14.000 people with OSCP and 800 with eCPPT. If you look for jobs, OSCP is very valuable and world wide recognized.

In the past, the decision was simple: Go for OSCP and you get a job. During the last one or two years, eLearnSecurity got a lot of attention and it is now part of Asia's major red-teaming/attack simulation regulation CFI 2.0 (https://lnkd.in/dqZDQ-S)and it is recognized by TIBER-EU.

In the nearer future eLearnSecurity's certifications might become part of DoD 8140 / 8570. In the US, this will boost the value and the level of awareness a lot. INE will try to make the cert more famous.

I do not know the future, but I guess the value of eCPPT will go up a lot. At the moment, many people take eCPPT before or after OSCP. Both certs are different and have their value, but are "entry" level pentest certs. I do not have OSCP, but every week, I get at least five recruiting messages and I do not look for a job.

Conclusion

In my opinion, eCPPT is a fantastic certification for becoming penetration testers. Do not skip it because you do not have $2,400, you can take the cert for $700 or less.

Is eCPPT worth it for $700? Think about what CompTIA certifications cost. These certifications are paper certs. They have their value, they are a very good starting point and can give you a job. However, eCPPT is far beyond Security+. I took Security+ in 3 weeks... but I needed 750 hours for eCPPT.

If you have eCPPT, you are prepared for a lot of tasks!

You are unsure if eCPPT is something for you? Read Denise Tan's review to get a better idea about the cert:

https://deetee1.medium.com/ecpptv2-review-5ff11d92469c

-------------------------

It is LinkedIn and one thing is left.

Feel free to message me if you need help.

Sources:

- Opinions on Discord like inofficial INE/eLearnSecurity, The Cyber Mentor

- The INE webpage and the old eLearnSecurity webpage

- youtube channels (The Cyber Mentor, hackersploit, etc)

- Heath Adams courses TCM Academy