Well, today is the day. We are very pleased to announce the availability of the Offensive Security Web Expert (OSWE) certification. All past AWAE students can schedule their exams, and all new purchases of AWAE will have the exam included at no additional fee.

We do apologize for the delay. Releasing a new certification is no small feat, as we need to ensure it meets the high quality reputation of the other Offensive Security certifications. This means a hands-on and demanding process that ensures the student has a full grasp of the material being tested. To ensure we got this right, we worked with a large number of students to take “beta” exams and get their feedback. This obviously takes some time, but it’s worth it to ensure we got it right the first time.

The result is a 48-hour exam that has the same approach as other Offensive Security certifications. If you have ever taken the OSCP, OSCE, or OSEE, this exam process will be very familiar to you. Expect to be challenged, and focus just as much on your thinking and troubleshooting process as you do the technical matters. One of the key values of an OffSec cert is not just that it shows you know technical items, but that you can work and perform those technical items in a high stress situation, essential for real world performance.

Penetration testing today is changing fast and the task of securing environments means hitting a constantly moving target. While there are terrific security products available that scan all kinds of potential vulnerabilities, the risk that each vulnerability represents is heavily dependent on context, something that software tools can’t struggle to comprehend. Two or three seemingly minor vulnerabilities for example, which represent minimal risk on their own and thus likely wouldn’t be prioritized in patching, can in the right circumstance be used in tandem with one another to seriously impact an organization. Only courses like AWAE teach aspiring pentesters how to recognize these potential pathways as the threat that they are, and organizations thus know that pentesters who have earned the OSWE certification are eminently qualified to protect them.

We feel strongly that OffSec’s deep connection with the infosecurity community through its support and funding of grassroots projects like Kali Linux and Exploit-DB sets our training courses apart. Thanks to this unique relationship, we uncover invaluable insight about industry trends and needs which we then use to continuously evaluate and strengthen our course offerings and certifications. Students who take and pass the AWAE exam can therefore feel confident that they’re acquiring the adversarial mindset required to advance their careers and help organizations close the cybersecurity talent gap.

As was the case with making AWAE available anywhere, anytime, the addition of the exam would not be possible without the passionate work and effort of several members of the OffSec team, who not only designed the exam, but updated the virtual lab and put the process in place to ensure students take the exam fairly and without disruption. We’d like to thank the team for this effort and wish AWAE students the best of luck in earning their OSWE.