online pentest schools
online pentest schools
So doing a quick Google search of online pentesting schools comes back with too many options. Can you guys recommend a good site, pay or free, that covers all topics, not just the less ethical ones? I know the basics of a variety of languages, my degree is in networking but it's been so long I need a refresher. I'm looking for an in depth online school, one where I can ask questions on the topic and get answered not just watch a 5 minute video. I want it to be a school specific to this area and not a general college, nor one like devry.
Re: online pentest schools
I would say that most pen-testing schools are probably not going to help you with the foundational knowledge you're looking for; unless of course it's a program to baseline you into a certification program.
Certification programs vary in usefulness, and there is definitely mixed opinions about their fundamental worth, but I know that for jobs in the security industry you can take one of 2 roads: security and related fields, or privacy and related fields.
For security I would look into the ISC2 certifications, the SSCP and CISSP for example are huge in the industry right now, and in most cases considered the worth of a B.S. in a computer science security field. The SSCP requires 1 year in associated security field to cert, but if you pass the test you'll be an ISC2 Associate which really helps. The CISSP is like a thimbleful of depth over all security topics related to infrastructure and the domains thereof. It's hard, but it is not impossible. While I would say that the SSCP would be a better choice for immediate knowledge into security and related topics, the CISSP has longer intrinsic value... not that you can't take one and then the other when you collect the experience.
Understand, I'm not trying to steer you away from a pen-testing school exactly, I'm just saying that most of those places will not give you any long lasting depth in an understanding of the art. IMO it's better to learn the security of infrastructure, and the protection of the exploitation thereof, which will in turn give you a healthy understanding of pentesting. added bonus, cheeper and not as long of a program
Certification programs vary in usefulness, and there is definitely mixed opinions about their fundamental worth, but I know that for jobs in the security industry you can take one of 2 roads: security and related fields, or privacy and related fields.
For security I would look into the ISC2 certifications, the SSCP and CISSP for example are huge in the industry right now, and in most cases considered the worth of a B.S. in a computer science security field. The SSCP requires 1 year in associated security field to cert, but if you pass the test you'll be an ISC2 Associate which really helps. The CISSP is like a thimbleful of depth over all security topics related to infrastructure and the domains thereof. It's hard, but it is not impossible. While I would say that the SSCP would be a better choice for immediate knowledge into security and related topics, the CISSP has longer intrinsic value... not that you can't take one and then the other when you collect the experience.
Understand, I'm not trying to steer you away from a pen-testing school exactly, I'm just saying that most of those places will not give you any long lasting depth in an understanding of the art. IMO it's better to learn the security of infrastructure, and the protection of the exploitation thereof, which will in turn give you a healthy understanding of pentesting. added bonus, cheeper and not as long of a program
knuffeltjes voor mijn knuffel
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]
[img]http://i911.photobucket.com/albums/ac320/stuphsack/Sig.jpg[/img]