OffSec Certified Professional
OffSec Certified Professional (OSCP) is an ethical hacking certification offered by Offensive Security (officially known as OffSec[1] since March 2023) that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution (the successor to BackTrack).[2][3] The OSCP is a hands-on penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment.[4] It is considered more technical than other ethical hacking certifications,[5][6] and is one of the few certifications that require evidence of practical penetration testing skills.[1]
Recertification
The OSCP does not require recertification.[7]
Relations to other security trainings or exams
Successful completion of the OSCP exam qualifies the student for 40 (ISC)² CPE credits.
In 2015, the UK's predominant accreditation body for penetration testing, CREST,[8] began recognising OSCP as equivalent to their intermediate level qualification CREST Registered Tester (CRT).[9]
Reception
In "Kali Linux: A toolbox for pentest," JM Porup called OSCP certification "coveted" because it required passing a difficult 24-hour exam demonstrating hacking.[10] In a press release on a new chief operating officer for a security services company, the company's use of OSCP professionals was described as a strength.[11] In "The Ultimate Guide To Getting Started With Cybersecurity," Vishal Chawla of Analytics India Mag recommended OSCP as one of two "well known" security certifications.[12] In an interview with OffSec CEO Ning Wang, Adam Bannister of The Daily Swig discussed a "major update" to the "Penetration Testing with Kali Linux (PWK)" training course, which leads to OSCP certification for students who pass the final exam.[13] The training updates were discussed in detail in Help Net Security.[14]
In The Basics of Web Hacking: Tools and Techniques to Attack the Web, Josh Pauli called OSCP "highly respected."[15] Cybersecurity Education for Awareness and Compliance gave a syllabus outline of the training course for OSCP.[16] In Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails, co-author Christopher Hadnagy listed OSCP as one of his qualifications.[17] Certified Ethical Hacker (CEH) Foundation Guide listed OSCP as one of two certifications by OffSec for a "Security Testing Track."[18] Sicherheit von Webanwendungen in der Praxis also included OSCP in a list of recommended certifications.[19] Building a Pentesting Lab for Wireless Networks called Offensive Security training "practical and hands-on" and said it was "most recommended."[20]
In "The Information Security Undergraduate Curriculum: Evolution of a Small Program," Lionel Mew of the University of Richmond said 35% of information security jobs require certifications, and described OSCP as a "popular certification."[21] "Maintaining a Cybersecurity Curriculum: Professional Certifications as Valuable Guidance" called OSCP an "advanced certification" and one of "a select few" requiring hands-on penetration skills demonstrations.[22]
References
- "Offensive Security Certified Professional". Offensive Security. Retrieved 13 October 2016.
- Thomas, Jennifer (2020-07-09). "About OSCP (Offensive Security Certified Professional)". cybersguards.com. Retrieved 2022-01-09.
- Linn, Ryan (1 March 2010). "Final Course and Exam Review: Pen Testing with BackTrack". EH-Net Online Mag. Retrieved 13 October 2016.
- Westfall, Brian (15 July 2014). "How to Get a Job as an Ethical Hacker". Intelligent Defense. Software Advice. Retrieved 13 October 2016.
- Dix, John (11 August 2016). "How well does social engineering work? One test returned 150%". Network World. Retrieved 13 October 2016.
- https://www.offensive-security.com/faq/#how-long-cert-valid
- Knowles, William; Baron, Alistair; McGarr, Tim (26 May 2015). Analysis and recommendations for standardization in penetration testing and vulnerability assessment: Penetration testing market survey (Report). BSI Group & Lancaster University.
- "CREST Signs New Partnership with Offensive Security to Improve the Standards of Information Security" (Press release). CREST and Offensive Security. 4 August 2015.
- "Kali Linux : Une boîte à outils pour pentest - Le Monde Informatique". LeMondeInformatique (in French). Retrieved 2020-03-15.
- "Anchin, Block & Anchin LLP Expands Firm's Cybersecurity Practice - Tab Bradshaw Joins as New Leader of Redpoint Cybersecurity LLC". Benzinga. Retrieved 2020-03-15.
- Chawla, Vishal (2020-02-24). "The Ultimate Guide To Getting Started With Cybersecurity". Analytics India Magazine. Retrieved 2020-03-15.
- "'We're our own focus group' – Ning Wang on security certification, training, and keeping Kali Linux on top". The Daily Swig | Cybersecurity news and views. 2020-03-03. Retrieved 2020-03-15.
- "Offensive Security releases major update to its Penetration Testing with Kali Linux training course". Help Net Security. 2020-02-11. Retrieved 2020-03-15.
- Pauli, Josh (2013-06-18). The Basics of Web Hacking: Tools and Techniques to Attack the Web. Elsevier. p. 140. ISBN 978-0-12-416659-2.
- Ismini, Vasileiou; Steven, Furnell (2019-02-22). Cybersecurity Education for Awareness and Compliance. IGI Global. pp. 233–234. ISBN 978-1-5225-7848-2.
- Hadnagy, Christopher; Fincher, Michele (2015-03-18). Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails. John Wiley & Sons. pp. viii. ISBN 978-1-118-95848-3.
- Rahalkar, Sagar Ajay (2016-11-29). Certified Ethical Hacker (CEH) Foundation Guide. Apress. p. 184. ISBN 978-1-4842-2325-3.
- Rohr, Matthias (2018-03-19). Sicherheit von Webanwendungen in der Praxis: Wie sich Unternehmen schützen können – Hintergründe, Maßnahmen, Prüfverfahren und Prozesse (in German). Springer-Verlag. p. 447. ISBN 978-3-658-20145-6.
- Fadyushin, Vyacheslav; Popov, Andrey (2016-03-28). Building a Pentesting Lab for Wireless Networks. Packt Publishing Ltd. p. 234. ISBN 978-1-78528-606-3.
- Mew, Lionel (2016). "The Information Security Undergraduate Curriculum: Evolution of a Small Program" (PDF). 2016 Proceedings of the EDSIG Conference. 2: 5.
- "Maintaining a Cybersecurity Curriculum: Professional Certifications as Valuable Guidance" (PDF). Journal of Information Systems Education. 28: 106. December 2017.