What is the last remaining security risk? you already know It can be your colleague, co-worker or even yourself.
I myself am a Senior Penetration Tester and am accompanied by all of my penetration testing, while over 100, there always remained a risk, which in the end led to us using Social Engineering could break into the target company.
Over time, it became clear that corporations and governments, as well as medium-sized companies, are doing something in the area of user awareness, but unfortunately this is often not implemented correctly.
In addition to user awareness, i.e. the correct and conscious handling of IT by users, IT must also be able to detect IT security gaps.
Since we ourselves, like you too, have the problem of a shortage of skilled workers, we decided to create an IT security training course in German ourselves.
Even trained with the most common certifications such as the OSCP, OSSTMM (Professional), PCI DSS Practioneer CEH and a number of other certifications, we were unfortunately disappointed too often at the end of the day. Almost all, with the exception of the OSCP, only have a simple theory test - unfortunately not really realistic and too easy for the real world of penetration testing.
The OSCP, on the other hand, does some things well, but unfortunately it too ends up being equipped with a lab that is too easy and unrealistic, in which you can hack hands-on. There isn't even an IPS system.
Here we have together with the IHK Academy Koblenz
a three-stage - several months! – In-service training created, at the end of which a practical test must be passed.
The failure rate here is currently 71 percent, with the Junior Penetration Tester, because it is not given away. The three courses take a total of 3 months of training. Nowhere else is there such a long and intensive training as a penetration tester and all this part-time, with senior penetration testers who have been trained for many years and are extremely experienced.
