If we look a few decades back when cyber space just considered a myth, when most computers were noisy large mainframes and when the word “Hack” was just for train modelling (this was not a joke), back then there was no concept of cyber security. But after some nasty security breaches governments put their heads together upon this issue and Cyber security departments and organizations were formed to train such people.
Nowadays we see two certifications that are racing each other, one is CPTE (Certified Penetration testing engineer) from mile2 and the other is CEH (Certified Ethical Hacker) from EC-Council. But if we look at the fact I would say CPTE has lead in this one and this is not a hunch.
Some interesting facts that prove that CPTE is better than CEH
- If we analyze the course outline and the material of both courses it is clearly seen that in CEH candidate are only taught how to use the tools required for the job and are not provided with knowledge otherwise.
- While CPTE candidates are provided with in-depth knowledge so that they may be able counter security issues more efficiently.
- CPTE has regular updates and modifications according to the fashion in security. While CEH is only updated entirely once in several years.
- Now if we look at the other aspects CPTE also enhances the business skills needed to identify protection opportunities and optimize security controls according to the business needs while CEH we only focuses the technical side of Information security and that too up to the extent of teaching how to use tools.
- Now let us look at the economic factors that make CPTE better than CEH. The exam cost of CPTE is 250$ with no expiration of the course it means that if a course more advanced then CPTE is produced in the future then CPTE will remain as It is and the certifications of the candidates will whatsoever not be cancelled, Now the cost of CEH is 500$ with the possibility that the course will expire in 2 years when it is updated with a newer version and CEHv7 (CEH currently in action) will have to be re-done otherwise certifications will be cancelled. Now that might not sound like a good news to most of us who were thinking of doing CEH (because it is not a good news).
- CEH in my opinion is the catalog of tools with lots of outdated content, imaging a certification talking about null session that haven't worked after windows 2000. So the content is quite outdated.
- In a penetration test or any kind of security engagement reporting in my opinion is the most essential part, the more you are good at reporting the more customer satisfaction you have, which is our final goal to build good relationships with customers. CEH does not talks about any of the reporting methodology, whereas CPTE and other certs like GPEN, OSCP talk about reporting methodology. "
About The AuthorThis article has been written by "Shahmeer Amir". Shahmeer is one of the developers of "Maadstrack". He is a CPTE and CISSO certified.
At RHA Infosec we provide different types of Security Testing from small business sites to Corporate Sites. Click Here to know more about our complete list of services.
Kindly Bookmark it and Share it with Friends: