Our certifications
Quality is a top priority at NSIDE. Our tests are carried out by experts who regularly undergo further training so they are always up to date with the latest technology. This is attested by corresponding certifications. We place special emphasis on continuing training and education of our team members, which practically tests their ability to detect and exploit security vulnerabilities. This means that the vast majority of our team’s advanced training courses are not tested by questionnaires or multiple-choice exams – instead the final exams are practical hacking tests under real-life conditions.
In total, NSIDE team members hold the following certifications:
Acronym | Name | Description |
OSCP | Offensive Security Certified Professional | Comparable to the ’state exam‘ for penetration testers. This proves basic, hands-on hacking skills. |
OSCE | Offensive Security Certified Expert | Practical knowledge in web exploitation, Windows exploit development, anti-virus evasion, x86 assembly, hand crafting shellcode from an attacker’s perspective. |
OSWE | Offensive Security Web Expert | Certification for advanced penetration testing and code auditing skills at expert level |
OSWP | Offensive Security Wireless Professional | Certification for hands-on WLAN and wireless penetration testing skills |
CRTP | Certified Red Team Professional | Practical knowledge in Red Teaming and penetration testing of internal networks and Active Directory. |
CRTO | Certified Red Team Operator | Adversary simulation from initial compromise to full domain takeover, including data hunting and exfiltration |
CRTO II | Certified Red Team Operator II | Advanced OPSEC tactics and evasion of enterprise-level defense mechanisms |
CRTE | Certified Red Team Expert | Advanced practical knowledge of Red Teaming and penetration testing of internal networks and Active Directory at expert level |
CARTP | Certified Azure Red Team Professional (CARTP) | Practical knowledge in assessing the security of Azure tenants and workloads from an attacker’s perspective. |
CARTE | Certified Azure Red Team Expert | Advanced Azure pentesting and red teaming with focus on OPSEC and bypassing defenses |
Malware on Steroids | Malware Development for Windows | Development of C2 infrastructure and payloads with advanced evasion tactics for Sandboxes, EDRs and Intrusion Detection Systems |
ISO 27001 LA | ISO 27001 Lead Auditor | Certification to audit (review) information security management systems (ISMS) to ISO standard 27001 |
ISO 27001 LI | ISO 27001 Lead Implementer | Certification for the implementation (realization) of information security management systems (ISMS) according to ISO standard 27001 |
AZ-500 | Microsoft Certified Azure Security Engineer Associate | Certification from Microsoft for the Azure Cloud environment |
RTOS | Red Team Operational Security | A course for Red Team operators from the creator of the Brute Ratel (BRC4) C2 framework, covering advanced Red Team and evasion techniques as well as operational security (Opsec Safety). |
eWPTX | eLearnSecurity Web Application Penetration Tester eXtreme | Certification of advanced, practical knowledge in web application penetration testing |
ACMP | Attify Certified Mobile Pentester | Certification to demonstrate advanced knowledge in auditing mobile applications (iOS and Android) |
eMAPT | eLearnSecurity Mobile Application Peneteration Tester | Certification to demonstrate advanced knowledge in auditing mobile applications (Android) |
Your benefit from certified penetration testers
Security is based on trust. You need to be confident that penetration testing will be performed competently. Our team members have proven through regular training and their certifications that they meet the requirements of the respective practical exam and are capable of competently testing even complex systems. This provides our customers with the assurance of expert testing and advice.
Recommended certifications according to TIBER-EU Services Procurement Guidelines
The European Central Bank ECB’s TIBER Framework for Red Teaming (Threat Intelligence-based Ethical Red Teaming) confers a framework with recommendations on how Red Team Exercises should be conducted in the European financial sector. The TIBER framework has as an annex of Services Procurement Guidelines, i.e. guidance on the selection of providers. This document is intended to assist insurance companies, banks and other businesses in the European financial sector in selecting suitable and skilled providers to conduct Red Team Assessments.
To assess the capabilities of providers, Annex 6.1 of the Provider Selection Guideline mentioned above indicates different certifications that demonstrate expertise at the appropriate level. For example, the Offensive Security Certified Professional (OSCP) certification is appropriate for team members.