Problem solve Get help with specific problems with your technologies, process and projects.

Getting the CEH certification to join an ethical hacking network

With so many security certifications, is it worthwhile to get a Certified Ethical Hacker certificate? Learn whether an ethical hacking certification can help you get ethical hacking jobs.

I'm interested in becoming a Certified Ethical Hacker. Do you consider this to be a worthwhile certification for a growing field? Is there any specific experience I should try to get that might help me along this path?

It's no secret that I have issues with portions of the security certification industry, in particular with the way that the word "ethics" is thrown around with no apparent thought about the concept. It seems that ethics only comes up when someone is getting certified or when a cert holder gets in trouble; no one actually teaches cert holders about ethics.

As a result, I was particularly intrigued when I first heard about the Certified Ethical Hacker (CEH) certification about a year ago. My research to date has indicated there is little-to-no discussion of what it means to be ethical in the certificate's training materials, and what discussion is there appears to be limited to importance of having permission before performing an assessment. Grantees of the certificate must agree to follow a code of ethics, but the CEH's code doesn't appear to be any better or worse than (ISC)2's or GIAC's, which is to say it's pretty lousy.

That being said, I have reviewed the curriculum of the class. The course outline that I saw covers a broad range of topics that any good security analyst should be familiar with. The question to ask is whether this information is something you can learn on your own or if you prefer the classroom environment.

There are two main reasons to get a certification: first, if you want to work for many government agencies, you need to be certified; and second,, some employers give bonuses for gaining certifications, in which case, by all means, certify away.

If neither of those cases apply, I don't really see the value of most certifications. Savvy hiring managers -- the ones you want to work for -- know that certifications have limited value and instead look for real-world experience and an understanding of how security needs to work in a business environment.

For more information:

This was last published in January 2009

Dig Deeper on Security industry certifications

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.