Only 5 days
Classroom / Online Live
17/03/2025 (Monday)
Please note
This course has been replaced by the EC-Council Certified Penetration Testing Professional (CPENT) certification. With Firebrand, it takes only 5 days. See the full course spec here.
Browse this page to find out more about ECSA and what it used to cover.
Overview
On this accelerated five day EC-Council Certified Security Analyst (ECSA) course, you’ll learn to specialise in penetration testing. This interactive and hands-on course utilises EC-Council iLabs, giving you the skills to conduct penetration tests simulating a real-world security environment. You’ll put these skills into context, learning how to use them to protect and defend your business.
The penetration testing skills you’ll learn apply to a wide variety of modern infrastructures, operating systems and application environments. Using Firebrand’s unique Lecture | Lab | Review technique your expert instructor will immerse you in learning the most up to date attack vectors like SQL injection, XSS, CSRF and DoS. Modules you’ll cover will include:
- Vulnerability Analysis
- SQL Penetration Testing Methodology
- Database Penetration Testing Methodology
- Cloud Penetration Testing Methodology
You’ll also be fully supported and coached in preparation for the ECSA exam which you’ll take on the final day of the course.
This ECSA course goes beyond the process of penetration testing, also teaching you how to complete a penetration testing report and to adopt the mind-set of a quality penetration tester – always curious to investigate and discover any potential security threat.
When you get ECSA (v10) certified, you can apply for CREST Practitioner Security Analyst (CPSA) qualification equivalency - meaning you get two certifications from just one course and exam.
9x Accredited Training Centre of the Year
Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to nine years.
Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”
Benefits
This accelerated ECSA course fully prepares you for both the penetration test skills competency test and the ECSA v10 exam. The course also includes some of the self-study modules in order to give you training on as many topics as possible and give you more valuable penetration testing skills.
Curriculum
All of the following core modules are included on this ECSA course, as well as coverage of the concepts from the official ECSA self-study modules, to ensure you are fully prepared for the ECSA exam:
Core Modules
- 1. Introduction to Penetration Testing and Methodologies
- 2. Penetration Testing Scoping and Engagement Methodology
- 3. Open Source Intelligence (OSINT) Methodology
- 4. Social Engineering Penetration Testing Methodology
- 5. Network Penetration Testing Methodology - External
- 6. Network Penetration Testing Methodology - Internal
- 7. Network Penetration Testing Methodology - Perimeter Devices
- 8. Web Application Penetration Testing Methodology
- 9. Database Penetration Testing Methodology
- 10. Wireless Penetration Testing Methodology
- 11. Cloud Penetration Testing Methodology
- 12. Report Writing and Post Testing Actions
Self-Study Modules
Your learning doesn't stop as soon as you become a professional penetration tester - with such a fast-changing subject matter, you're expected to continue learning throughout your career. To ensure continuous learning, the ECSA course comes packed with tons of self-study resources.
- 1. Penetration Testing Essential Concepts
- 2. Password Cracking Penetration Testing
- 3. Denial-of-Service Penetration Testing
- 4. Stolen Laptop, PDAs and Cell Phones Penetration Testing
- 5. Source Code Penetration Testing
- 6. Physical Security Penetration Testing
- 7. Surveillance Camera Penetration Testing
- 8. VoIP Penetration Testing
- 9. VPN Penetration Testing
- 10.Virtual Machine Penetration Testing
- 11. War Dialing
- 12. Virus and Trojan Detection
- 13. Log Management Penetration Testing
- 14. File Integrity Checking
- 15. Telecommunication and Broadband Communication Penetration Testing
- 16. Email Security Penetration Testing
- 17. Security Patches Penetration Testing
- 18. Data Leakage Penetration Testing
- 19. SAP Penetration Testing
- 20. Standards and Compliance
- 21. Information System Security Principles
- 22. Information System Incident Handling and Response
- 23. Information System Auditing and Certification
Exam Track
You'll sit the ECSA v10 exam at the Firebrand Training centre during the course, covered by your Certification Guarantee.
This exam is proctored online through the EC-Council Exam portal.
- 150 questions
- 70% passing score
- 4 hour exam
- Multiple choice
EC-Council and CREST certification equivalency
When you become ECSA (v10) certified, you can apply for CREST Practitioner Security Analyst (CPSA) qualification equivalency.
What's Included
On this accelerated, all inclusive course you'll get:
- EC-Council official GCHQ accredited ECSA courseware
- Certified EC-Council Instructor
- 6 months access to EC-Council official ECSA iLabs Cyber Range
- EC-Council ECSA exam onsite on the final day of your course
When you achieve your ECSA certification, you will be awarded a digital badge. This can be downloaded from EC-Council’s Aspen Portal.
Prerequisites
Before attending this accelerated penetration testing course, and in order to best prepare you for the ECSA exam, we strongly recommend you should either: already hold the CEH v10 certification, or have the equivalent knowledge and experience to a CEH v10 holder, which includes experience in:
- TCP/IP (essential)
- Networking (intermediate)
- Scripting and Programming (essential but the basics)
- Cryptography (intermediate)
- Web Development (essential but the basics)
- Virtualisation (basics)
- Project Management (basics)
- Knowledge of Wireless Testing
- Knowledge of Cloud Technologies
- Knowledge of Databases