About the CPENT
EC-Council is rewriting the standards of penetration testing skill development with the Certified Penetration Testing Professional, the CPENT certification program. What makes this program unique is our approach that allows you to attain two certifications with just one exam. The key philosophy behind the CPENT is simple – a penetration tester is as good as their skills; that’s why we urge you to go beyond Kali Linux and go beyond tools.
Not that we don’t believe in the OS or tools, but candidates with an over-reliance on Kali tools find it incredibly difficult to adapt to the multi-disciplinary approach of the real-world penetration testing engagements. We urge you to go beyond and explore the vast horizons of penetration testing that differentiate the great from the good. Ergo, the knowledge, skills, and abilities you learn from the CPENT program will allow you to challenge network types and not just one or two specialties. What makes the CPENT different is the requirement to display skills across multiple disciplines, forcing the candidate to “think on their feet.” It makes CPENT the first of its kind in the list of Pen testing programs! Our research shows that knowledge-based certifications alone do not necessarily equate to well-rounded skillsets when the candidates are put on a complex cyber range. In fact, many do not even have the skills to create routing tables, which is the first step to pivot invisible networks. Without the use of an automated tool, most pen testers struggled, then when simple stateless filtering was present, the few that had added the correct networking details stalled, and only a few ever got past the first hurdle. In short, no one made it through all of the hurdles, leading to the creation of the CPENT.
The Purpose of the CPENT
Years of research showed us that most pentesting candidates have gaps in their skills when it comes to multiple disciplines. Furthermore, the metrics revealed that when the targets are not located on either the same or a directly connected and reachable segment, a few can perform as well as they do it when on a direct or a flat network.
That’s why, for the first time in the industry, the assessment for the Certified Penetration Tester (CPENT) will be about multiple disciplines and not just one or two specialty types. Everything presented in the course is through an enterprise network environment that must be attacked, exploited, evaded, and defended. EC-Council’s CPENT provides the industry with the capability to assess a Pentester’s skills across a broad spectrum of “network zones.” What makes the CPENT different is the requirement to be provided a variety of different scopes of work so that the candidate can “think on their feet.” The result of this is that different zones represent various types of testing. Anyone attempting the test will have to perform their assessment against these different zones.
- Cheating isn’t an option since EC-Council specialists proctor the entire exam.
- Choose your challenge! Either two 12-hour sessions or a single 24-hour exam!
- Score over 70% and become a CPENT!
- Join the league of extraordinary pen testers by scoring more than 90% and becoming an LPT (Master)!
We strongly recommend candidates to attempt the CEH (Practical) and/ or ECSA (Practical) prior to attempting the CPENT Challenge.
Clause: Age Requirements and Policies Concerning Minors
The age requirement for attending the training or attempting the exam is restricted to any candidate that is at least 18 years old.
If the candidate is under the age of 18, they are not eligible to attend the official training or attempt the certification exam unless they provide the Accredited Training Center/EC-Council a written consent of their parent/legal guardian and a supporting letter from their institution of higher learning. Only applicants from a nationally accredited institution of higher learning shall be considered.
Disclaimer: EC-Council reserves the right to impose additional restrictions to comply with the policy. Failure to act in accordance with this clause shall render the authorized training center in violation of their agreement with EC-Council. EC-Council reserves the right to revoke the certification of any person in breach of this requirement.