I have a goal of taking the Offensive Security Certified Professional (OSCP). I will attempt it in the next 3 years. I figure it gives me time to study and gain experience programming to do advanced infiltrations on information systems.
I have been doing Information Security analyst work for a while and I enjoy doing it. But I want to see all sides of security not just what an attack looks like from the inside looking out but from the outside looking in.
The main reason I want to attempt the OSCP is for fun. I enjoy puzzles. I want the challenge of it even if I fail miserably.
As certifications go, I think its the future of high-level certifications. Not unlike the Cisco, and Red Hat Certifications, the OSCP takes practical skills to pass. Pure written exams lend themselves to braindumps and crowdsourced cheating. An overwhelming number of “IT professionals” now have lots of certifications with very little experience. The reason I don’t like this is because I don’t like carrying other peoples weight.