An OSCP Penetration Test or OSCP Pentest typically means that a Penetration Test is carried out by someone who has achieved the Offensive Security Certified Professional (OSCP) certification. The OSCP is a Penetration Testing certification run and managed by an organisation called 'Offensive Security'.
Offensive Security Testing typically means that you are performing an active engagement to identify vulnerabilities in a system by Penetration Testing a system. You are actively looking for weaknesses and flaws which may be used or exploited by a genuine advisory to gain access to information or interrupt the availability of a system or service.
Performing Offensive Security engagements or Penetration Tests is important because without ‘testing’ how do you know that your security controls and investment to protect your information, data and intellectual property is ‘safe’? The concept of penetration testing and offensive security testing is looking for possible weaknesses and vulnerabilities which may be used to compromise your organisation.
The Offensive Security Certified Professional (OSCP) and Certified Ethical Hacker (CEH) examinations are often compared. Both offer a different type of exam and process to achieve certification. The OSCP typically involves training via online labs with systems to test against and compromise, followed by an exam where an array of systems have to be breached and a report written and submitted for assessment. In contrast, the CEH typically involved either classroom or book based learning followed by a multiple-choice exam.
If you like this blog post, find more content in our Glossary.