Licensed Penetration Tester

Licensed Penetration Tester (Master)

The EC-Council Licensed Penetration Tester (Master) Credential

To earn the prestigious EC-Council LPT (Master) Credential, you must successfully pass our most challenging practical exam available. The LPT (Master) practical exam is the capstone to EC-Council’s entire information security track; from the Certified Ethical Hacker Program (CEH) to the EC-Council Certified Security Analyst (ECSA) Program. It all culminates with the ultimate test of your career as a penetration tester – the Licensed Penetration Tester practical exam.

You will need to demonstrate a mastery of the skills required to conduct a full blackbox penetration test of a network provided to you by EC-Council on our cyber range. You will follow the entire process taught to you through CEH and ECSA, taking you from reconnaissance, through scanning, enumeration, gaining access, maintaining access, then exploiting vulnerabilities that you will have to seek out in a network that only a true professional will be able to break. EC-Council will provide the entire cyber-range through its cloud based cyber range, iLabs. All toolsets are provided to you, you bring the skill.

To successfully pass the LPT (Master) practical, you must fully document your pen test in a complete, professional penetration test report. This report will follow formats learned in the ECSA program, following industry acceptable, penetration testing and reporting procedures used by only the top professionals in the industry. This report will be reviewed and scored based on a complex rubric by other penetration testing professionals dedicating to upholding the value of EC-Council’s LPT (Master) Credential, and enhancing the professionalization of cyber security as a field.

While the Certified Ethical Hacker course teaches threat agents that can compromise the security posture of an organization, and the EC-Council Security Analyst program provides a repeatable and documentable methodology for deep analysis of an organizations security posture, the Licensed Penetration Tester exam tests the mastery of the skill-sets required to be a true professional penetration tester – Technical Analysis and Report Writing.

To build on the technical skills taught in the CEH course, the ECSA course emphasizes application of a suitable methodology and report writing. The LPT (Master) practical exam thoroughly tests the application of this knowledge and the skills required in an examination that even our reviewers have called “extremely challenging”. There is no course for the LPT (Master) exam. The LPT (Master) Exam is the final step after the intense training and certification that you would have received in the Certified Ethical Hacker and the EC-Council Certified Security Analyst programs.

Many have described report writing as one of least preferred, yet arguably one of the most critical parts of any penetration testing engagement. While so many courses are offered globally to cover various subjects in the information security realm, hardly any are dedicated to this very important skill, especially almost half of all time spent at any penetration testing engagement can revolve around writing and reporting the core findings of the engagement to the client. Explaining a highly technical finding in an elaborate penetration test engagement to someone not technical like the CEO of a company, the senior management or even the board of directors can be very challenging and frustrating at times. Mastery of communication, research and report writing is required to make sense of technically complex topics like specific vulnerabilities and their resulting exploits in a meaningful manner than an organization can use to make educated decisions to improve their own security posture.

LPT (Master), the next certification step after CEH and ECSA

EC-Council’s Licensed Penetration Tester(Master) is a natural evolution and extended value addition to its series of security related professional certifications. The LPT (Master) standardizes the knowledge base for penetration testing professionals by incorporating best practices followed by experienced experts in the field.

The objective of the LPT (Master) is to ensure that each professional licensed by EC-Council follows a strict code of ethics, is exposed to the best practices in the domain of penetration testing and aware of all the compliance requirements required by the industry.

The objective of Certified Security Analyst “pen testing” certification is to add value to experienced Information Security professionals

Unlike a normal security certification, the LPT (Master) is a program which trains security professionals to analyze the security posture of a network exhaustively and recommend corrective measures authoritatively. For many years EC-Council has been certifying IT Security Professionals around the globe to ensure these professionals are proficient in network security defense mechanisms. EC-Council’s license vouches for their professionalism and expertise thereby making these professionals more sought after by organizations and consulting firms globally.

You can read more about this at http://www.eccouncil.org/about-licensed-penetration-tester.

Steps to Become an EC-Council Licensed Penetration Tester (LPT) via self-study mode:

  • Eligibility Criteria:
    • To be eligible to apply to sit for the LPT (Master) Exam, candidate must either. Be an ECSA member in good standing (Your USD100 application fee will be waived);
    • or Have a minimum of 2 years working experience in pentesting (You will need to pay USD100 as a non-refundable application fee);
    • or Have any other approved industry certifications such as OSCP or GPEN cert (You will need to pay USD100 as a non-refundable application fee).
  • Application Process:
    • Applicants must apply directly to EC-Council via the online web form https://cert.eccouncil.org/lpt-application-form.html and provide the following: A copy of police verification from applicant’s local law enforcement agency or EC-Council Declaration of No Criminal Conviction Form ; EC-Council Code of Conduct (COC) Form ;
    • Updated Resume documenting penetration testing experience or skill;
    • Approved applicants must purchase the Licensed Penetration Tester (Master) Exam Kit via EC-Council online store within 3 months of receiving the approval email (the approval will expire post the 3 months and applicants will have to reapply and remit the USD100 non-refundable application fee again). Upon confirmation of the payment of USD899, the LPT (Master) Exam Kit will be released to the applicant, which consists of: iLabs Cyber Range Access Code (applicants are given a 5 day block access from activation date / code is valid for 3 months from the date of release) Aspen LPT (Master) Dashboard Access Code (applicants have a 30 day window to submit their reports from activation date/code is valid for 3 months from the date) A 2 year LPT (Master) License is included in the LPT (Master) Exam Kit valid for 2 year license / subject to ECE and renewal requirements).

(Please note that processing time will take between 7-14 days after you have submitted ALL required documents)

Renewal Cycle, Certification Fees & ECE Scheme

The certification is valid for 2 years from the date of approval and members must then renew annually.
For renewals, members will need to remit USD250 per annum which can be done at our online store.
LPT (master) certification falls under the ECE Policy. Members must ensure that they meet the ECE requirement.

Should you have any queries, please do not hesitate to write in to lpt@eccouncil.org.

Clause: Age Requirements and Policies Concerning Minors

The age requirement for attending the training or attempting the exam is restricted to any candidate that is at least 18 years old.

If the candidate is under the age of 18, they are not eligible to attend the official training or eligible to attempt the certification exam unless they provide the accredited training center/EC-Council a written consent of their parent/legal guardian and a supporting letter from their institution of higher learning. Only applicants from nationally accredited institution of higher learning shall be considered.

Disclaimer: EC-Council reserves the right to impose additional restriction to comply with the policy. Failure to act in accordance with this clause shall render the authorized training center in violation of their agreement with EC-Council. EC-Council reserves the right to revoke the certification of any person in breach of this requirement.

.