EC-Council Certified Security Analyst

Alex Baird, Cybersecurity | IT Consultant, On Completing the EC-Council Security Analyst Practical Certification

Read what Alex Baird had to say on LinkedIn:

I have completed my Pentest report and received my EC-Council Security Analyst Practical Certification.

An EC-Council Certified Security Analyst (Practical) has the ability to perform threat and exploit research, understand exploits in the wild, write exploits, customize payloads, and make critical decisions at different phases of a pen testing engagement that can make or break the whole assessment.

They can use advanced network scans beyond perimeter defenses, perform automated and manual vulnerability analysis, exploit selection, customization, launch, and post exploitation maneuvers.

This is a solid certification as a step between CEH and LPT/OSCP. It demonstrates that you are beyond theoretical penetration testing and can actually compromise machines.

For the practical you must get 5 flags from 8 machines (a mix of windows and linux boxes) in 12 hours. The practical exam is proctored and there are only two breaks. A professional penetration testing report must be submitted and approved within 15 days of completing the exam. The report must relay methodology, details on vulnerabilities and remediation recommendations to a business decision maker.

I took the online Advanced Penetration Testing course and labs to prepare for the EC-Council Security Analyst Practical. The course videos do a good job of sequencing the penetration testing and report writing workflows. Kevin Cardwell is a good instructor who lays out clear concepts and then shows their practical application. The iLab for each course module are well structured and let you apply the lecture to practical application in a target range.

Overall a solid base to build pentesting skills for the OSCP and/or Licensed Penetration Tester Certifications.

get certified from ec-council
Write for Us