CERTIFIED ETHICAL HACKER

An ethical hacker:

• is also called a white-hat hacker (or as we call them: Robin Hoods).
• is the name given to a penetration tester. Unlike illegal hacking, which is a crime in most countries, these pen tests are completely legal. Hence the title for our digital nerd heroes: ethical hacker.
• is usually employed by or works for an organisation that trusts him or her to attempt to penetrate an organisation’s networks and/or computer systems.
• goes to work using the same methods as a hacker, in order to identify security problems. –> link to offering
• working at SECWATCH® is at least CEH: the basic certification to show that someone has the right basic knowledge.

The advanced training courses, Security Analyst & Licensed Penetration Tester (ECSA/LPT) and Offensive Security Certified Professional (OSCP), enable the tester to make in-depth and complete risk analyses of the business environment. Various penetration tests and checklists are used for this. Moreover, the OSCP is the world’s first fully hands-on offensive information security certification.

What is the difference between the two specialists? The ECSA/LPT is able to turn the results of an analysis into a concrete and hands-on security plan for every level and type of organisation. The OSCP, on the other hand, is able to be presented with an unknown network, list the targets within the scope, exploit them and clearly document the results in a penetration test report. To become an Offensive Security Certified Professional, you must prove a clear and practical understanding of the penetration testing process and lifecycle through a challenging, twenty-four hour certification exam. Just think what superpowers our ethical hackers with a combination of these two (ECSA/LPT & OSCP) have…

In addition to a hobbyist’s interest, many of our testers also have additional certification for, for example web application tests (OWASP / GWAPT), penetration tests such as advanced penetration techniques (CAST 611), Metasploit Advanced (CAST 617), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Assessing and Auditing Wireless Networks (GAWN), GIAC Penetration Tester (GPEN) and audit & compliance certification such as Certified Information Security Manager (CISM), Certified Information Privacy Manager (CIPM) and Certified Information Privacy Professional Europe (CIPP/E). We also have the right expertise in the field of Operational Technology (OT) and Industrial Security, such as with ICS/PLC/SCADA systems, including knowledge of IEC 62443. Or what about Threat Hunting, supported by the Certified Threat Intelligence Analyst course (CTIA) and Private Investigation (Wbpr / PDO) course? You name it, we have it. 😉

Indeed. At SECWATCH®, we take knowledge and expertise pretty(!) seriously. But we take even more seriously an interest in the profession, enjoyment in the work and a genuine desire to improve information security for our clients and contribute to a more secure society. And what does it get you?

• An up-to-date final report: all high-impact threats clearly identified – even the smallest cracks in your cyberdoors are not safe from our ethical hackers. We block them all off!
• Hyper-relevant data: You receive reports and advice that are tailored to your business, your challenges and the phase they are in. Your priorities handed to you on a silver platter. Only then can you take the right – and, in particular, safe – steps.
• Understanding Guarantee: With us, you never have to puzzle. Not only do our Robin Hoods understand the high-impact threats, but every IT/security officer in your organisation will fully understand what is in our report. This way, there are no issues with interpretation or implementation.

In short: you’re secure, we’re happy.