SecProve
ProfessionalVendor-neutralEC-Council· issued from US

CPENT

EC Council Certified Penetration Testing Professional

EC Council Certified Penetration Testing Professional

Official page at EC-Council↔ Compare with another cert
Exam fee
$999
Ongoing
$80/yr AMF · 40 CPE/yr
Study time
200–400 hrs
Delivery
Hybrid
Validity
3 yrs (renewal cycle)

› Quality score

27.0 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor
How well-defined and rigorous the exam blueprint is.
EC-Council's pentest ECO covers AD, web, IoT, cloud — broader than OSCP.
6.5/10
Practical evidence
Hands-on labs / written reports vs pure MCQ.
24-hour live lab + report; advanced track is harder than CEH Practical.
7.5/10
Currency & upkeep
How aggressively content is kept current with the field.
Updated to v3 in 2024 with cloud and IoT content.
6.5/10
Market recognition
How often this signal actually moves a hiring decision.
Recognised in EC-Council ecosystem and DoD listings; narrower than OSCP among practitioners.
6.5/10

› Exam format

Practical-based: 24-hour exam in live network. Two 12h sessions. Passing score: 70% (CPENT), 90% (LPT).

Retake policy
Fee: $499 per attempt
Wait: 0d between attempts

First retake immediate; 14 days between attempts 2-3, 1 month between 3-4, 3 months between 4-5. Max 5 attempts/year.

› Recertification

Valid for 3 years. 120 ECE credits over 3 years + annual AMF (80 USD).

› 3-year cost of ownership

Exam (1×)
$999
AMF (3×)
$240@$80/yr
Total
$1239

Excludes study materials, training, retake risk, and lost-wage opportunity. Use as a floor estimate.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

PD-WRL-007
Recognition
Global
Exam languages
en

› Core domains covered

The 2 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A9Penetration Testing & Red Teaming

Methodology (OSSTMM, PTES), web/network/mobile pentesting, social engineering, purple teaming.

A2Network Security

Firewalls, IDS/IPS, network segmentation, DNS security, SD-WAN, VPN, traffic analysis, wireless security.

› Prerequisites

Experience

Recommended: CEH or equivalent pentest experience. No formal requirement.

› Progression

requiredrecommended

Where this cert fits in the typical learning path. Required edges are vendor-gated; recommended edges reflect de facto industry progression.

Required prereqs (0)

No vendor-gated prereqs.

Recommended priors (1)
CEHEC-Council
CPENT
EC-Council
Required by (1)
LPTEC-Council
Recommended next (0)

No follow-on certs reference this one yet.

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain mapBrowse all certifications