Contents

EC-Council CEH: Getting Past HR

CEH Review Featured Image

The Certified Ethical Hacker (CEH) is often touted as a valuable credential. But is it really worth your time and money? Let’s take a closer look at what CEH is, what it offers, and why some professionals view it with skepticism.

What is CEH?

CEH, or Certified Ethical Hacker, is a certification offered by the EC-Council (International Council of E-Commerce Consultants). It’s marketed as a professional certification for those specializing in ethical hacking and penetration testing.

  • Experience Level: Intermediate
  • Certificate Focus: Offensive & Ethical Hacking
  • Exam Voucher Pricing: $1199 USD (varies on location and time of year)
  • Training Pricing: Varies

The CEH Exam: A Walk in the Park?

The CEH exam is often described as less rigorous compared to other comparable certifications such as the OSCP:

  1. Format: Multiple-choice exam with 125 questions
  2. Duration: 4 hours

  3. Passing score: 60-85% (varies by exam version)

Many professionals argue that this format fails to adequately test practical skills, relying instead on rote memorization.

CEH Exam Details

CEH Training: Necessary or a Money Grab?

EC-Council offers official CEH training through various methods:

  1. Instructor-Led Training
  2. iLearn (E-learning)

  3. Academic Learning

While these programs cover the exam content, critics argue that they often lack depth and practical application.

The HR Checkbox Phenomenon

Perhaps the most damning criticism of CEH is that it’s often seen as merely an “HR checkbox” certification. Many seasoned professionals argue that:

  1. It’s more about recognition than actual skill development
  2. Some organizations require it without fully understanding its limitations
  3. It may get your resume past initial HR screening, but it doesn’t necessarily prove practical hacking skills

The CEH is a certificate you'll often see in job postings, despite it being extremely unpopular among cybersecurity professionals.

Is There Any Value in CEH?

Despite these criticisms, CEH isn’t entirely without merit:

  1. It can serve as an introduction to basic security concepts for beginners
  2. Some government and corporate jobs still require or prefer it
  3. It may be a stepping stone to more advanced certifications
CEH Training Pricing

Conclusion: Think Critically Before Investing

While CEH has its place in the cybersecurity landscape, it’s crucial to approach it with a critical eye:

  1. Consider your career goals and whether CEH aligns with them
  2. Look into alternative certifications that may offer more practical skills
  3. Understand that no certification is a substitute for real-world experience and continuous learning

Off the Record

The CEH has built a horrible reputation over the years as an overpriced, shallow certificate that proves very little when it comes to ethical hacking. Unfortunately, it’s common to see the CEH on job postings as a desired certificate.