Member-only story
As of November 1, 2024, the Offensive Security Certified Professional (OSCP) exam is undergoing significant changes that all aspiring cybersecurity professionals need to be aware of. In this blog, we’ll break down the key updates to the OSCP exam, introduce the new OSCP+ certification, and explore what these changes mean for your career in cybersecurity.
Major OSCP Exam Changes
The OSCP exam has been a benchmark for penetration testers, and with these updates, it’s getting even more aligned with real-world scenarios. The most notable change is in the Active Directory (AD) portion of the exam. Instead of just testing skills, the AD section will now involve an “assumed compromise” scenario. You’ll start with a standard user account on the AD domain and work your way toward a full domain compromise. This shift is designed to better reflect the modern penetration testing landscape, where starting from a compromised position is more common.
Another significant update is the removal of bonus points. Previously, candidates could earn bonus points through specific lab activities, but starting in November, this option will be eliminated. The goal here is to ensure consistency across all Offensive Security exams and to emphasize the core skills needed to succeed as a cybersecurity professional.
