Mile2 CPTE and CPTC Certifications

Author: Martin Voelk
April 4, 2015

Thank you for all your emails recently. We keep getting messages from ambitious engineers who seek a career in Penetration Testing. Quick recap: Most of our new clients ask us for either of the following prior to an engagement: CEH (Certified Ethical Hacker), LPT (Licensed Penetration Tester), OSCP (Offensive Security Certified Professional). Those 3 remain the big certs in the Pentesting industry.

Recently U.S. customers also ask/accept Mile 2 certifications. Mile 2 offers the Certified Penetration Testing Engineer (CPTE) and the Certified Penetration Testing Consultant (CPTC). Those are good because they are recognised and endorsed by the U.S. government and earn you CPE credits as well. 2 certs certainly to keep on the radar. 

In general, there are only a handful Pentesting Certs from the following vendors:

  • EC Council
  • Offensive Security
  • Mile 2
  • GIAC
  • SANS
  • CREST (UK only, not recognised outside of the UK)

That’s pretty much about it at the moment. There are a lot of funny HTML5 websites around which offer their own Penetration Testing certification programs, but have no accreditations with governments, so please stay clear of those. Unless a know vendor/brand or government is backing a certification track, it’s usually not worthwhile doing.

Our advice in general. Don’t spend too much time on certs. A lot of Pentesters we know don’t even have a CEH, but they are able to break into any client network during a Pentest. Nothing beats real world experience and thinking out of the box. 1 or 2 certs are nice to have (especially if recognised worldwide or government endorsed) but rather spent your time and effort on Offensive Security, Metasploitable, Metasploit Unleashed etc. to gain real Pentesting skills.