
Background #

I am a security researcher with experience in penetration testing, software engineering, and IT ops spanning over 20 years. My areas of expertise include software application security, secure software development lifecycle, and platform security.

As an active researcher, I have disclosed multiple critical and high-severity findings to government agencies, Fortune 500 organizations, small businesses, and open-source software projects. I regularly participate in bug bounty programs, conferences, and responsible disclosure.

Capabilities #

  • Clear / Closed-Box Web Application / API Security Assessments
  • Clear / Closed-Box Desktop Client Application Security Assessments
  • Secure Code Review
  • Internal and External Network Penetration Testing
  • Cloud Security Assessments
  • Mobile Application Security Assessments

Credentials #

I graduated with a Master's degree in Software Engineering and hold the following active certifications, in the belief that continuous learning is a requirement for success in the security industry:

Offensive Security Web Expert #

Certified OSWEs have a clear and practical understanding of white-box web application assessment and security. They have proven their ability to review advanced source code in web apps, identify vulnerabilities, and exploit them. They use creative and lateral thinking to determine innovative ways of exploiting web vulnerabilities. OSWEs are able to assist web development teams in creating and maintaining web apps that are secure by design. OSWE holders must complete the Advanced Web Attacks and Exploitation (AWAE) course with Offensive Security and pass a rigorous 48-hour practical exam.

Offensive Security Certified Expert #

OSCEs have expert-level penetration testing skills. They have proven that they can craft their own exploits, execute attacks to compromise systems, and gain administrative access. The intense 48-hour exam also demonstrates that OSCEs have an above-average degree of persistence, determination, and ability to perform under pressure and can think outside the box to determine innovative ways of penetrating internal networks. An OSCE also has familiarity with more advanced protections like ASLR.

Offensive Security Certified Professional #

An OSCP has demonstrated the ability to use persistence, creativity, and perceptiveness to identify vulnerabilities and execute organized attacks under tight time constraints. OSCP holders have also shown they can think outside the box while managing both time and resources.

Burp Suite Certified Practitioner #

The Burp Suite Certified Practitioner is an official certification for web security professionals, from the makers of Burp Suite. Achieving BSCP status requires a deep knowledge of web security vulnerabilities, the correct mindset to exploit them, and of course, the Burp Suite skills needed to carry this out. Successfully passing the BSCP certification exam indicates a high-level proficiency in web security testing.

APISec University - API Penetration Testing #

The API Penetration Testing course provides hands-on instruction on testing APIs for security flaws. Participants in the course have learned specific, detailed tools and techniques for analyzing, testing and identifying API vulnerabilities. The skills learned include API reconnaissance, scanning, auditing JSON Web Tokens, performing authentication and authorization attacks, and exploiting other common API weaknesses like injection, mass assignment, and server-side request forgery.

CompTIA Server+ #

Earners of the CompTIA Server+ certification have the necessary skills to work in today's data centers, server rooms and cloud environments. CompTIA Server+ professionals have demonstrated mastery in the latest server technologies including virtualization, software-defined networking, security and network-attached storage.

Cloud Security Alliance CCSK #

Earners of the Certificate of Cloud Security Knowledge (CCSK) badge have demonstrated competency in key cloud security issues. They understand security best practices over a broad range of cloud computing domains. They have completed an examination covering the fundamental concepts of the CSA Security Guidance v.4, the CSA Cloud Controls Matrix v.3.0.1, and the ENISA white paper, “Cloud Computing: Benefits, Risks and Recommendations for Information Security”.