The Certification Process

  1. Obtain a voucher

    Whether you are attempting the ECPTX certification exam on your own or after having attended one of our approved training courses, you will need to obtain a voucher before you can start your certification process.

    Once you obtain the voucher you will receive login credentials to our Certification area where you will manage the exam, the VPN credentials and anything related to the certification process from the beginning up to the shipment of your certificate.

  2. Begin the certification process

    Regular vouchers expire after 180 days from purchase.
    Infinity vouchers do not expire.

    Before the certification expires, you will have to begin the certification process by clicking on "Begin certification process". The expiration date will always be available in your certification area and reminder emails are sent to make sure you take advantage of the voucher.

  3. Perform your tests

    As soon as you click on the "Begin certification process" button you will receive an email with instructions regarding the scope of engagement.

    This letter will contain exactly what you should test and how. At this point you will start your penetration test against the designated targets, take note of your findings and document all the exploitation steps.

    The exam network will always be available 24/7 for 2 days and dedicated to you.

    At any time you will be the only one on the network and will be able to reset the scenario should you damage it during your tests.

    You can also pause the lab and resume from where you left off by simply clicking Start/Stop buttons in the Certification area as you would do with any other Hera Lab scenario.

  4. Upload your report

    Once you have performed a comprehensive penetration test it's time to finalize documenting the exploitation steps.

    Familiarity with reporting activities is assumed. So, no commercial grade report will be required, during the eCPTX examination process. You will be required to thoroughly document how you exploited each target though, to prove your findings.

    When ready and not after 4 days from the beginning of the certification process (step 2), you will upload your report in PDF format for review.

  5. Obtain your results

    One of our instructors will carefully review your report and if your findings and your penetration testing skills are deemed sufficient to pass the exam, you will become an ECPTX.

    Should you fail the first attempt, the instructor will provide you with valuable feedback. Armed with this information you will have a free retake to be used within 4 days to upload a new report.

    The retake 4 days will begin from the moment you review the examiner's feedback. During this period the exam lab network will be re-opened for further tests. In any case a new report should be uploaded no later than 18 days from the date you receive the first attempt results by email.

    Once you pass the exam you will find the digital certificate immediately downloadable and verifiable.

Go to top of page