But depending on your current experience that may not be entirely necessary-prior to my own exam attempt, here’s where I stood: To be the most comfortable going into the exam, definitely complete all their recommended labs. However much milage you rack up preparing will vary depending on what type of labs you focus on. Following this, you should take their practice exam, which will simulate the type of vulnerable applications-goals and all-that you will face when you sit for the actual exam.
If you’re planning to take this exam, PortSwigger recommends you complete all the “Apprentice” and “Practitioner” level labs. Preparation for the Burp Suite Certified Practitioner Exam What can you expect from the experience? Let’s break it down. (This is required to access some of the features you’ll need.) Even if you’re not planning to take the Burp Suite Certified Practitioner Exam, it’s well worth your time for the knowledge gleaned alone-everyone in the information security community would gain something of value.īut if you are planning on taking the exam, there’s a few things to consider which include: What’s more is, the Web Security Academy content is completely free. The learning material is all top-notch and based on relevant content that, in a lot of instances, I found would directly translate to real world findings during live application penetration tests. Each section also features accompanying articles that explain what the overall security issues are and how they can be exploited. The labs vary in difficulty, ranging from “Apprentice” (50 total), “Practitioner” (131 total), and “Expert” (30 total) respectively. These applications are organized into multiple categories based on vulnerability such as Cross-Site Scripting (XSS) or HTTP Request Smuggling. What Does the Web Security Academy Offer?Īt the time of writing this, Portswigger’s Web Security Academy consists of 211 different lab challenges on intentionally vulnerable web applications. Having now obtained certification myself, I wanted to offer my perspective to help other security professionals decide more ably if it’s really right for you. What follows in this article is my experience with the Academy and the exam. The content in the Web Security Academy is well renowned for its relevancy and practical approach, so I was very interested in the opportunity to expand my expertise through this exam. This is obtained by completing a technical exam that is intended to accompany the Web Security Academy-Portswigger’s official training platform designed to teach a wide variety of application security concepts with Burp Suite.Īpplication security is a core focus on our Pen Test team, which means we work heavily with Burp Suite. Franklin’s time, PortSwigger recently provided their own opportunity to “invest in knowledge” through their release of the Burp Suite Certified Practitioner certification. Benjamin Franklin once said, “an investment in knowledge always pays the best interest.”Ī little more current than Mr.
0 kommentar(er)
