I tend to have a dim view of a great number of certifications out there. I, admittedly, have several certs that were a bugger to get from a time committement perspective but, there are ones out there that I think are sheer hogwash. An example of this is the “Certified Ethical Hacker” from the EC-Council. Here is an interesting/funny write up over on the excellent blog “A Day in the Life of an Information Security Investigator“. Here is a clip from the post
1) EC-Council or International Council of ECommerce Consultants is a
Nevada incorporated company and has NO office in New York as they claim.
Pay them a visit and there is absolutely NOTHING there. Any enquiry
called is always met with one response – please email. Try checking
their claims before you invest in their products.2) EC-Council had announced an university earlier this year at Wyoming.
They claim the certifications would get credits for their masters
program. Its a diploma paper mill at best that will have its license
revoked sooner or later as per the legislature revoking all unaccredited programs.3) From their university website “EC-Council University is licensed by
the State of Wyoming under Wyo. Stat. 21-2-401 through 21-2-407 and
neither the Department of Education nor the Wyoming State Board of
Education has accredited or endorsed any course of study offered by
EC-Council University”. Nice.4) If you check their members list as well, you will realize that most
of them are ficticious or hardly involved. Renaming the only program
they sell is not going to fool the government for long I guess.
To be forewarned is to be forarmed? four armed? Who the hell knows what I’m talking about. I’ve decided that I will introduce the Liquidmatrix Security Digest Formal Minutia Expert certification, or to shorten it as is the norm, giving us the:
LSD4ME Certification
Course Fee: $2450 USD
Exam: Self Administered IQ Test
Course Location: The bathroom at a Denny’s in Duluth
What you get: A Xerox’d Certificate in a plastic frame
What I get: A trip to Aruba
(couldn’t resist) 😀
[tags]EC-Council, CEH, Certifications, SecurityMonkey[/tags]
Some interesting comments on this…dissscussion (mostly mud slinging and throw back the mud on your face). coming to the crux of it and reality stands “CERTIFICATIONS ARE NOT AN END TO PROFESSIONAL EXCELLENCE IN A FIELD BUT AN ENTRY POINT FOR PEOPLE ENDEAVOURING TO EXPERTISE IN A FIELD”. and coming to a new & evolving field like “IT SECURITY” there are bound to be wanna-be companies trying to proving their mark and make profit but making a decision to certify based on remarks above would be a gross mistake .
My take would be to look at the certification spread (where trained geographically) , certification brand (market certification knowledge and training associates ) and market acceptance of certification (job postings requiring certification) to decide weather any certification would enhance your industry demand and secure a long term future, other area to look would be course contents if they cover necessary subjects (in either beginner or advanced stages) and the trainer (industry experience) to determine if you have the right staging ground to start learning and enough scope to expand in future.
coming to access both the companies (ec-council & mile2) certification on CEH, i would grant ec council to have a first mover advantage and thus have better geographical reach , branding and acceptance , while mile2 have a more evolved and encompassing cirriculum.BUT realising a fact that IF ec-council upgrades it’s training material and cirriculum it can overcome mile2 advantage , while mile2 will need a lot of time to reach the market level’s of ec-council with more training institutes competiting in the same sector.
But please dont take this as advocasy to go for which certification. you have to form your own opnion based on your own perceptions and right knowledge.
SKON