A small comparison between OSCP and eCPPTv2
Overview
This is a hard question because both certifications have disadvantages and advantages. The most important thing are price, required time and quality:
Both courses are similar in all three areas.
August 2020 prices:
$1600(PTP elite, unlimited) from eLearnSecurity → eCPPTv2 (with the bonus code RED-035 it is: $1040)
$1350(PWK, 90 days) from OffensiveSecurity → OSCP
OSCP is capture the flag and you have 30, 60 or 90 days to finish it. It is very challenging because you have to invest 400 to 500 hours to get the cert. If you can not finish it in 3 months, you have to pay a lot more. OSCP is a “google a lot and search a lot” certification, because you have to google a lot. The provided materials is suitable and now up to date, you have to read about 850 pages.
PTP simulates small businesses, and it is a more realistic approach. If you study the provided material, you will invest 500 hours and more. The elite course exam voucher is unlimited valid, you have more time. PTP offers 6500 pages and if you read all the links, you have to read much more. You do not have to google, 95% in in the provided material.
One thing about times:
Every person needs a different amount of time to study for this certifications. I did not do the OSCP yet, but according to blogs, people with a background in security need about 500 hours. The PTP course took me more than 750 hours, but I could have taken the exam earlier. Some people will tell you that they needed 150 hours and it was an easy certification. Not for me.
It is all about your starting knowledge and how thoroughly you are studying the provided materials. Passing the exam and a deeper understanding of the context are two different things.
Are the certifications worth the money?
Both certifications have a different purpose.
eLearnSecuritys PTP course and the connected eCPPT certification is more for your own knowledge. There are about ten job offers that mention eCPPT. It is possible that this will change in the future, because the certification get more attention. The certification is well respected in the pen test world and known for its high quality content but not for HR. The provided quality together with the labs is awesome. This course is outstanding if you want to build a solid understanding of the basics as pentester.
OffensiveSecuritys PWK course and the connected OSCP certification is a well respected certification and it is the market leader. I found about 800 jobs with this requirement (May 2020). If you have this certification, you will most likely get a job interview.
If you believe it or not, both certifications are still basic. It is more or less the first step on a long journey.
sources: https://www.youtube.com/watch?v=QOb7oiL6B9I (John Hammond OSCP vs eCPPT), https://www.youtube.com/watch?v=sSXhF0C0QlI&t=13s (TCMs Top 3 Certifications for Landing an Ethical Hacking Job, a lot of other reviews
Cybersecurity Solution Architect | Founder, Professor Roger’s Cyber Lounge | Cybersecurity Professor | Podcaster | Public Speaker | Cyber Mentor | Cyber Career Coach
4 年Wow, great post. This really cleared up a lot of confusion.
OSEP | Malware Developer | eCPPTv2
4 年Congratulations on the pass!
Acting VP & Head of IT Security Operations Department @ HTB Bank
4 年Cool mate
Senior Cyber Security Engineer at Immersive Labs
4 年I don't think it's fair to compare both of these courses, both of them are exceptionally great in their own different ways as it teaches you different things which are well appreciated and needed while working as a pentester. PTP teaches you more of how to engage in a pentesting work on an enterprise network and produce a comprehensive report while PWK/OSCP teaches you how to think out of the box with a more CTF oriented concept. While one can argue the challenges you face in a CTF is not something you might encounter in a real-world pentesting engagement, what most people don't figure out is it teaches you to think differently and adapt to what you see and, I firmly believe that is what separates pen-testers skillset. As you did state in your article, it is true both of these certifications are your pathway to a more comprehensive career and it definitely provides a solid foundation to learn more and be better at what you do. I do plan on taking PTP exam right after my PWK labs ends before I tackle my OSCP exam, and I can see both of these courses can compliment each other. Thanks for this!
Infantry Officer at US Army
4 年Good insight on the two certs. I’d say the one big thing to look at is also what’s the more common cert in your area. In a recent email with the Army Cyber branch they recommend having certs like CISSP and OSCP for the officer side. Granted I’m sure the PTP would translate but you deal with less HR confusion if the cert is common for where are.