Penetration Testing Certifications

Author: Martin Voelk
November 27, 2014

We often get asked, what are the benchmark Penetration Testing Certifications which are either government or IT industry accredited?

Here is our take on it:


Widely respected and known. They offer the Certified Ethical Hacker (C|EH), Licensed Penetration Tester (L|PT) amongst other IT Security and Forensic certifications. They hold a good reputation throughout the US and other countries


The offer an associate and a professional Pentesting Certification. Those have been recognised by the NSA/CNSS as well. Still widely unknown outside North America, but certainly interesting to keep an eye on.

Offensive Security

In our opinion the best training and the best exams. Rather than multiple choice questions like in exams with Mile2 and EC-Council, you actually have to Pentest/Hack in your exam, so you really need to show skills to pass.

Other certifications help, such as the CISSP, Cisco CCIE Security, Cisco CCNP Security and the likes, but those are more vendor and general technology geared, whereas those 3 above are focused around Penetration Testing.

The UK has its own certification program called CREST and CHECK and UK customers often decline companies which “only” have the US Certifications. Oh well, they need their own program just like they drive on the wrong side of the road, too :-)