SECURITY+ COMPETITIVE ANALYSIS 1. GIAC GSEC 2. (ISC)2 SSCP 3. EC-COUNCIL CEH

Transcription

1 SECURITY+ COMPETITIVE ANALYSIS 1. GIAC GSEC 2. (ISC)2 SSCP 3. EC-COUNCIL CEH 1

2 SECURITY+ VS GIAC GSEC

3 Where does GSEC fit? 3

4 CompTIA Security+ and GIAC Security Essentials (GSEC) Feature CompTIA Security+ GIAC GSEC Certifying organization Industry recognized (see description above) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes GIAC (Global Information Assurance Certification) (for-profit organization) Professional Development Qualifying Credential ISO/ANSI and Continuing education Yes Yes DoD M IAT II, IAM I IAT II Target audience Entry-level cybersecurity professionals Entry-level cybersecurity professionals 4

5 CompTIA Security+ and GIAC Security Essentials (GSEC) Feature CompTIA Security+ GIAC GSEC Exam topics Similar, more in-depth Similar, less in-depth Prerequisites Performance-based questions No required prerequisites; CompTIA A+ and Network+ recommended Yes None, no recommendations No 5

6 Why Security+ instead of GSEC? Reason #1 Security+ is better suited to help IT professionals reach a base level of cybersecurity competence for the least amount of money GSEC is less in-depth and costs more (GSEC $659 vs Security+ $320 retail) Reason #2 The Security+ exam assesses hands-on cybersecurity skills through performance-based questions GSEC does not Reasons #3 Security+ is focused 100% on cybersecurity skills GSEC is more general and includes networking and Linux fundamentals 6

7 Reasons to work with CompTIA instead of GIAC Reason #1 CompTIA encourages partners to choose any training option GIAC uses SANS 401 training Reason #2 Security+ is more costeffective to assess entry-level cybersecurity skills GSEC USD $659 vs Security+ $179 retail Reason #3 CompTIA certifications are more widely adopted by the industry 96,131 GIAC certifications issued versus over 2,000,000 CompTIA certifications issued (July 2017) 7

8 SECURITY+ VS (ISC) 2 SSCP

9 Where does SSCP fit? 9

10 CompTIA Security+ and (ISC)2 Systems Security Certified Practitioner (SSCP) Feature CompTIA Security+ (ISC) 2 SSCP Certifying organization CompTIA (nonprofit association) (ISC) 2 Information Systems Security Certification Consortium (nonprofit association) Industry recognized Professional Development Qualifying Credential Professional Development Qualifying Credential Vendor-neutral Yes Yes ISO/ANSI and Yes Yes Continuing education DoD M IAT II, IAM I IAT I, IAT II, CSSP-IS Target audience Entry-level cybersecurity professionals Entry-level cybersecurity professionals 10

11 CompTIA Security+ and (ISC)2 Systems Security Certified Practitioner (SSCP) Feature CompTIA Security+ (ISC) 2 SSCP Exam topics Baseline cybersecurity skills, more in-depth Baseline cybersecurity knowledge, less in-depth Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA A+ and Network+ recommended Yes Requires proof of one year IT-related experience and an endorsement. Candidates can also pass the exam, become an associate and get the experience later No 11

12 Why Security+ instead of SSCP? Reason #1 Reason #2 Reason #3 Reason #4 Security+ is more technical and goes further indepth into cybersecurity skills than SSCP SSCP is considered CISSP light because it covers an extremely broad level of topics without going into depth The Security+ exam assess hands-on skills through performance-based questions (and closed-response questions) The SSCP exam has no performance-based questions, only closed-response questions 12

13 Reasons to work with CompTIA instead of (ISC) 2 Reason #1 Reason #2 Reason #3 CompTIA certifications are more widely adopted by the industry: Over 400,000 CompTIA Security+ certifications have been issued versus 3,360 SSCP certifications (April 2017) SSCP requires one-year verification for ITrelated work to certify, otherwise test takers become an associate Security+ assesses cybersecurity skills when the student sits for the exam; no proof of IT experience required because the hands-on skills are verified immediately at the testing center 13

14 SECURITY+ VS EC-COUNCIL CEH

15 Where does CEH fit? 15

16 CompTIA Security+ and EC-Council Certified Ethical Hacker (CEH) Feature CompTIA Security+ EC-Council CEH Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes EC-Council (Int l. Council of Electronic Commerce Consultants) (for-profit association) Professional Development Qualifying Credential ISO/ANSI and Continuing education Yes Yes DoD M IAT II, IAM I CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor Target audience Entry-level cybersecurity professionals Intermediate-level cybersecurity professionals 16

17 CompTIA Security+ and EC-Council Certified Ethical Hacker (CEH) Feature CompTIA Security+ EC-Council CEH Exam topics Baseline cybersecurity skills required for an entry-level IT professional, including basic penetration testing skills Penetration testing knowledge Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA A+ and Network+ recommended Yes Requires proof of two-years cybersecurity related experience, unless the candidate attends official EC-Council training No 17

18 Why Security+ instead of CEH? Reason #1 The Security+ and CEH audiences are different: Security+ is designed to help IT professionals reach a base level of cybersecurity competence CEH is designed to help IT professionals ethically hack and pen test at the intermediate level (CPT+) Reason #2 The Security+ exam assesses hands-on skills through performance-based questions and closed-response questions: The CEH exam has no performance-based questions The CEH exam assesses only knowledge Security+ assesses knowledge, comprehension and application of skills 18

19 Reasons to work with CompTIA instead of EC-Council Reason #1 Reason #2 EC-Council requires candidates to attend official EC-Council CEH training, otherwise candidates must provide two-years of employer-endorsed proof of cybersecurity experience CompTIA allows partners to choose less expensive training options CompTIA requires no proof of IT experience to receive Security+; hands-on skills are verified at the testing center Security+ is more cost-effective to assess entrylevel cybersecurity skills (USD $179 vs $700 retail) Reason #3 CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus over 200,000 EC-Council certifications (July 2017) 19

20 CSA+ COMPETITIVE ANALYSIS 1. EC-COUNCIL CEH 2. EC-COUNCIL CND 3. LOGICAL OPERATIONS CFR 20

21 CSA+ VS EC-COUNCIL CEH

22 Where does CEH fit? 22

23 CompTIA CSA+ and EC-Council Certified Ethical Hacker (CEH) Feature CompTIA CSA+ EC-Council CEH Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes EC-Council (Int l. Council of Electronic Commerce Consultants) (for-profit association) Professional Development Qualifying Credential ISO/ANSI and Continuing education DoD M Target audience Yes In review: IAT II, CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor Intermediate-level cybersecurity professionals Yes CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor Intermediate-level cybersecurity professionals 23

24 CompTIA CSA+ and EC-Council Certified Ethical Hacker (CEH) Feature CompTIA CSA+ EC-Council CEH Exam topics Security analyst knowledge, application and analysis Penetration testing knowledge Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA Network+ and Security+ recommended Yes Requires proof of two-years cybersecurity related experience, unless the candidate attends official EC-Council training No 24

25 Why CSA+ instead of CEH? Reason #1 They have different audiences: CSA+ focuses on security analyst techniques to protect and defend networks CEH focuses on ethical hacking and penetration testing, which is a subset of CSA+ There is only a 38% overlap between the exams, most in penetration testing and vulnerability assessment and management Reason #2 CSA+ objectives cover higher-level learning objectives by analyzing and applying; CEH requires only knowledge of a given topic 25

26 Why CSA+ instead of CEH? Reason #3 Reason #4 The upcoming CompTIA CPT+ exam will directly compete with CEH The CSA+ exam assesses hands-on skills through performance-based questions and closedresponse questions The CEH exam has no performance-based questions, only closed-response questions The CEH exam only assesses knowledge of skills. CSA+ assesses knowledge, comprehension, application and analysis of skills 26

27 Reasons to work with CompTIA instead of EC-Council Reason #1 Reason #2 EC-Council requires candidates to attend official EC-Council CEH training, otherwise candidates must provide two-years of employer-endorsed proof of cybersecurity experience CompTIA allows partners to choose less expensive training options CompTIA requires no proof of IT experience to receive CSA+; hands-on skills are verified at the testing center CSA+ is more cost-effective to assess intermediate-level cybersecurity skills (USD $179 vs $700 retail) Reason #3 CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus over 200,000 EC-Council certifications (July 2017) 27

28 CSA+ VS EC-COUNCIL CND

29 Where does CND fit? 29

30 CompTIA CSA+ and EC-Council Certified Network Defender (CND) Feature CompTIA CSA+ EC-Council CND Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential EC-Council (Int l. Council of Electronic Commerce Consultants) (for-profit association) Professional Development Vendor-neutral Yes Online exam ( ISO/ANSI and Continuing education DoD M Target audience Yes In review: IAT II, CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor Intermediate-level cybersecurity professionals Yes No No 30

31 CompTIA CSA+ and EC-Council Certified Network Defender (CND) Feature CompTIA CSA+ EC-Council CND Exam topics Security analyst knowledge, application and analysis Focuses on traditional perimeter defense knowledge, such as firewalls and anti-virus software; includes basic security analyst knowledge (closer to Security+ knowledge) Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA Network+ and Security+ recommended Yes Requires proof of two-years cybersecurity related experience, unless the candidate attends official EC-Council training No 31

32 Why CSA+ instead of CND? Reason #1 Reason #2 The CND exam focuses more on traditional perimeter techniques, such as firewalls and antivirus software CSA+ focuses more on modern security analytics, such as the Advanced Persistent Threat (APT) CSA+ covers the essential concepts of zeroday anomaly detection that focuses on symptoms and analysis, and penetration testing aspects of vulnerability assessment and management; CND does not The CSA+ exam includes Secure Information and Event Management (SIEM) practices and concepts; the CND exam does not 32

33 Why CSA+ instead of CND? Reason #3 CSA+ objectives cover Bloom s taxonomy higherlevel learning objectives by analyzing and applying CND objectives cover mostly lower-level learning objectives through knowledge and comprehension. The best way to assess performance is by analyzing and applying technology, in addition to memorizing knowledge and comprehending Reason #4 The CND exam focuses more on entry-level concepts, rather than intermediate security analytics skills; CND is closer to Security+ than CSA+ 33

34 Why CSA+ instead of CND? Reason #5 Reason #6 Reason #7 CSA+ contains both performance-based assessment items and multiple-choice items; CND contains only multiple-choice items. CSA+ objectives cover higher-level learning objectives by analyzing and applying; CND requires only knowledge of a given topic. EC-Council certifications also tend to focus on arcane security tool features, rather than industry-standard best practices. 34

35 Reasons to work with CompTIA instead of EC-Council Reason #1 Reason #2 EC-Council requires candidates to attend official EC-Council CND training, otherwise candidates must provide two-years of employer-endorsed proof of cybersecurity experience CompTIA allows partners to choose less expensive training options CompTIA requires no proof of IT experience to receive CSA+; hands-on skills are verified at the testing center CSA+ is more cost-effective to assess cybersecurity skills (USD $179 vs $350 retail) 35

36 Reasons to work with CompTIA instead of EC-Council Reason #3 At CompTIA, we are very careful to create highquality exams. EC-Council tends to focus on training. Reason #4 CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus approximately 200,000 EC-Council certifications (July 2017) 36

37 CSA+ VS CFR

38 Where does CFR fit? 38

39 CompTIA CSA+ and Logical Operations CyberSec First Responder (CFR) Feature CompTIA CSA+ LO CFR Certifying organization Industry recognized (see description above) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes Logical Operations (for-profit association) Professional Development Qualifying Credential ISO/ANSI and Continuing education DoD M Target audience Yes In review: IAT II, CSSP- Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor Intermediate-level cybersecurity professionals Yes CSSP-Analyst, CSSP-IR Intermediate-level cybersecurity professionals 39

40 CompTIA CSA+ and Logical Operations CyberSec First Responder (CFR) Feature CompTIA CSA+ LO CFR Exam topics Security analyst knowledge, application and analysis; includes Incident response Incident response knowledge Prerequisites Performance-based questions No required prerequisites; CompTIA Network+ and Security+ recommended Yes None No 40

41 Why CSA+ instead of CFR? Reason #1 Reason #2 The CSA+ exam focuses on the unique skills of a security analyst. These include the ability to place, configure, manage, and interpret a Security Information and Event Management (SIEM) tool, interpret packet captures, logs, and other readouts from network, endpoint, and server devices, conduct effective vulnerability assessments and penetration tests, as well as respond properly to incidents. Only 30% of the topics are similar, mostly covering incident response 41

42 Why CSA+ instead of CFR? Reason #3 CSA+ is an intermediate-level certification; CFR is closer to entry-level Security+ skills. Most CSA+ objectives cover scenarios and applying skills. Most CFR objectives explain concepts. Reason #4 The CSA+ exam assesses hands-on skills through performance-based questions and closedresponse questions The CFR exam has no performance-based questions, only closed-response questions The CFR exam only assesses knowledge and comprehension of skills. CSA+ assesses knowledge, comprehension, application and analysis of skills 42

43 Reasons to work with CompTIA instead of Logical Operations Reason #1 Reason #2 CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus very few LO certifications (July 2017) LO is primarily a small publishing company that has gotten into the certification business recently. CompTIA has been an industry IT certification heavyweight for over 25 years. 43

44 CASP COMPETITIVE ANALYSIS 1. (ISC)2 CISSP 2. ISACA CISM 3. GIAC GCED 44

45 CASP VS (ISC)2 CISSP

46 Where does CISSP fit? 46

47 CompTIA CASP and (ISC) 2 Certified Information Systems Security Professional (CISSP) Feature CompTIA CASP (ISC)2 CISSP Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes (ISC) 2 Information Systems Security Certification Consortium (nonprofit association) Professional Development Qualifying Credential ISO/ANSI and Continuing education Yes Yes DoD M IAT III, IAM II, IASAE I & II IAT III, IAM II & III, IASAE I, II & III, CSSP Manager Target audience Cybersecurity practitioners Cybersecurity managers 47

48 CompTIA CASP and (ISC)2 Certified Information Systems Security Professional (CISSP) Feature CompTIA CASP (ISC)2 CISSP Exam topics Enterprise cybersecurity architecture, tools and system resilience Enterprise cybersecurity management knowledge Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA Security+ recommended Yes Requires proof of five years of cybersecurity-related experience and an endorsement. Candidates can also pass the exam, become an associate and get the experience later No 48

49 Why CASP instead of CISSP? Reason #1 It depends on the audience: CompTIA CASP is the ideal certification for advanced practitioners of cybersecurity. CASP is intended for those technical professionals who wish to remain immersed in technology as opposed to managing cybersecurity policy and frameworks. CASP is also highly technical in nature. Instead of focusing on theoretical risk management, CASP requires hands-on, practical knowledge of risk management practices. (ISC)2 CISSP is the ideal certification for those in cybersecurity management. CISSP is intended for technical and non-technical candidates that manage cybersecurity policy and frameworks 49

50 Why CASP instead of CISSP? Reason #2 CASP goes in-depth into advanced cybersecurity skills; in contrast, CISSP covers an extremely broad level of topics without going in-depth. Some people say CISSP is six miles wide and two inches deep Reason #3 The CASP exam assesses hands-on skills through performance-based questions (and closedresponse questions); the CISSP exam has no performance-based questions, only closedresponse questions 50

51 Reasons to work with CompTIA instead of (ISC) 2 Reason #1 Reason #2 Reason #3 CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus approximately 130,000 (ISC)2 certifications (April 2017) CISSP requires verification for five-years of cybersecurity-related work to certify, plus an endorsement, otherwise test takers become an associate CASP assesses cybersecurity skills when the student sits for the exam; no proof of IT experience required because the hands-on skills are verified immediately at the testing center 51

52 Reasons to work with CompTIA instead of (ISC) 2 Reason #4 Reason #5 CASP is more cost-effective to assess entry-level cybersecurity skills (USD $320 vs $599 retail) The CompTIA continuing education program is far more simple, yet just as thorough as (ISC)2 52

53 CASP VS ISACA CISM

54 Where does CISM fit? 54

55 CompTIA CASP and ISACA Certified Information Security Manager (CISM) Feature CompTIA CASP ISACA CISM Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes ISACA (nonprofit association) Professional Development Qualifying Credential ISO/ANSI and Continuing education Yes Yes DoD M IAT III, IAM II, IASAE I & II IAM II & III, CSSP-M Target audience Cybersecurity practitioners Cybersecurity managers 55

56 CompTIA CASP and ISACA Certified Information Security Manager (CISM) Feature CompTIA CASP ISACA CISM Exam topics Enterprise cybersecurity architecture, tools and system resilience Enterprise cybersecurity management knowledge Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA Security+ recommended Yes Requires verification of at least five years of experience working in the information security field No 56

57 Why CASP instead of CISM? Reason #1 It depends on the audience: CompTIA CASP is the ideal certification for advanced practitioners of cybersecurity. CASP is intended for those technical professionals who wish to remain immersed in technology as opposed to managing cybersecurity policy and frameworks ISACA CISM is a management-focused certification that promotes security practices and recognizes the individuals who manage, design, oversee and assess an enterprise s information security Reason #2 CASP goes in-depth into advanced cybersecurity topics and hands-on skills; CISM covers cybersecurity governance, compliance and management 57

58 Why CASP instead of CISM? Reason #3 CISM is highly respected, yet also quite theoretical. CASP is respected in the industry because it focuses on practical knowledge and security implementation Reason #4 The CASP exam assesses hands-on skills through performance-based questions (and closedresponse questions); the CISM exam has no performance-based questions, only closedresponse questions 58

59 Reasons to work with CompTIA instead of ISACA Reason #1 Reason #2 Reason #3 Reason #4 CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus approximately 110,000 ISACA certifications CISM requires verification of at least five years of experience working in the information security field CASP assesses cybersecurity skills when the student sits for the exam; no proof of IT experience required because the hands-on skills are verified immediately at the testing center CASP is more cost-effective to assess advanced cybersecurity skills (USD $320 vs $595 retail) 59

60 CASP VS GIAC GCED

61 Where does GCED fit? 61

62 CompTIA CASP and GIAC Certified Enterprise Defender (GCED) Feature CompTIA CASP GIAC GCED Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential Vendor-neutral Yes Yes GIAC (Global Information Assurance Certification) (for-profit organization) Professional Development Qualifying Credential ISO/ANSI and Continuing education Yes Yes DoD M IAT III, IAM II, IASAE I & II IAT III Target audience Advanced cybersecurity practitioners Advanced cybersecurity practitioners 62

63 CompTIA CASP and GIAC Certified Enterprise Defender (GCED) Feature CompTIA CASP GIAC GCED Exam topics Enterprise defense, cybersecurity architecture, tools and system resilience Enterprise defense Prerequisites Performance-based questions (PBQs) No required prerequisites; CompTIA Security+ recommended Yes None, no recommendations No 63

64 Why CASP instead of GCED? Reason #1 Reason #2 Reason #3 GCED covers only enterprise defense; CASP covers enterprise defense, plus cybersecurity architecture, tools and resilience techniques used to predict how the network will react when under attack The CASP exam assesses hands-on cybersecurity skills through performance-based questions; GCED does not CASP was developed for the industry in general, but also with a goal to help the United States Department of Defense secure its systems 64

65 Reasons to work with CompTIA instead of GIAC Reason #1 Reason #2 Reason #3 Reason #4 GIAC sells SANS 501 training; CompTIA can guide partners to less expensive training options CASP is more cost-effective to assess entry-level cybersecurity skills (USD $320 vs $659 retail) CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus 96,131 GIAC certifications (July 2017) SANS training is highly-respected. But CASP training and certification provides hands-on understanding of risk management at less cost, with significant Return on Investment (ROI) 65