Final verdict: What Penetration Tester Certification?
So – I know I’ve posted about this subject alone on how I wondered what I should take. I wanted something that had industry recognition, so obviously that’d be OSCP, but I wanted something that was within the DOD 8570 compliance so I could use Army Cool to fund it. So it was either GPEN from GIAC/SANS or Pentest+ from CompTIA.
Well I scrapped both ideas!
I’ll probably go for Pentest+ sooner than later, but it isn’t my end-goal. My goal is actually Hack The Box’s certification: CPTS
What is CPTS?
CPTS stands for Certified Penetration Testing Specialist. Apparently. There are sources that claim that it’s harder than OSCP . Ok – I don’t even think I’m OSCP level, better yet – CEH or Pentest+ level, so why should I even bother with this difficult exam? Especially if it’s not even as recognizable as OSCP. One word.
I’ll have to confidence in myself to say that I did it – and I can do anything else. Certifications alone are pretty daunting. Believe it or not, it took me almost a year to pass Security+ and that was my second try. I barely passed CCNA. I studied hard, and I mean hard for about three months for CISSP and passed. That was the only test I felt that I passed confidently. What’s even more ironic, is that I took it in 2020 and failed! As I’m writing this, I feel that it’s humorous that it’s probably more relatable that I failed the first time taking CISSP.
Anyways – I wanted to note that I’m not perfect. I’ve been around computers my whole life – heck, my dad worked for HP and then a IT Networking company. But – I learned everything myself.
I failed – I overcame – I achieved.
So shooting for something like CPTS isn’t crazy. If it’s what I want, I don’t want to waste my time going for something easy to build my skill level. I will work hard to gain the skills I need to succeed. My gym coach used to say, all competitions are won right here*. He was referencing where we trained. Also the test is like 210 dollars. Which is nothing compared to OSCP and it’s cheaper than Pentest+. So in my eyes, it’s a win win.
The only thing that I find that might be a little hard is writing the report. I think I’m a good technical writer, I write pretty candidly through these blogs – but we’ll see.
Ok – this actually happened today (which is 23August2023) and it pumped me up. I talked with a warrant officer who I knew as a Staff Sargent when we first met. He had his fresh uniform on – with his FRESH warrant officer W01 rank on. Holy cow. I talked to him, and talked me up so much – saying I was the best operator he ever met. (I currently work in a position similar to Network Admin). I told him I was getting out, and he was so bummed, he said that if I wanted to go warrant it would be extremely easy for me.
After that interaction, I was so pumped, so I’m ready to shoot for the stars. So cheesy – I know.