We at elfGROUP offer our customers high quality and certified know-how. Our Cyber Security Analyst Miika Rinne completed one of the most challenging technical certificates in the field of information security, the Offensive Security Certified Professional (OSCP) certification, this October.
To become certified, the examinee has to pass a 48 hour test, where the first 24 hours can be used to penetrate targeted systems within an isolated exam network. After that all connections to the examined networks is cut out, and the next 24 hours is used to submit a comprehensive penetration test report, containing in-depth notes detailing their findings how to exploit the systems again. The requirements to reporting are strict, and there are cases where candidates who received the best possible score during the penetration part of the exam, failed the reporting phase.
The purpose of the exam is to simulate a real life penetration testing, where first one would gather as much information as possible of the tested environment by running port scans and other enumeration tools for gathering information. After that vulnerabilities and misconfigurations are looked for and exploited to gain lower level access rights to the target system. Once access to the system is reached, similar process is undertaken with slightly different methods and tools, to achieve system administration privileges.
”The methods and tools used in the exam were already familiar to me, but the pressure from the time limit brought in an extra spice. One cannot stay stuck for too long in one matter, but instead has to have a wider outlook to interpret the situation as a whole,” Miika comments.
An OSCP certified penetration tester has proven to have the expertise in a large scale of challenging technical methods, but also having a certain degree of persistence and determination, as well as ability to think “outside the box” and “laterally.” We’d like to congratulate Miika for this great achievement!