EC-Council Certified Security Analyst v10


EC-Council Certified Security Analyst v10

ECSA Course Overview

EC-Council’s ECSA Certification Training has been designed to provide a real-world, hands-on penetration testing experience, and to help the individuals in taking the ESCA theory and ECSA Practical exam confidently. Since ECSA is an extension of CEH Certification, our Certified Security Analyst Certification training also aims to enhance the advanced security skills, which will help the individuals to analyze the outcome of hacking tools and technologies. Some of the key features of this training course are:

  • The official EC-Council curriculum is followed.
  • Experienced trainers to offer clear insight into the theory and practical course.
  • Multiple training options (Bootcamp, online, onsite, etc.) available.

New version Certified Penetration Testing Professional – CPENT is now available.

Why take ECSA?

1. Maps to NICE 2.0 Framework

ECSAv10 maps to NICE framework’s Analyze (AN) and Collect and Operate (CO) specialty area

2. ALL NEW Module for Social Engineering Pen Testing

The ECSA curriculum presents a comprehensive Social Engineering Pen Testing Methodology where others program only makes a mere reference of this. According to 2017 Verizon Data Breach Investigation Report, on an overall, 43% of the documented breaches involved social engineering attacks!

We see this as a huge gap and that is where, the ECSA program is carefully designed and developed to be comprehensive in its coverage of the pentesting domain.

3. Increased Focus on Methodologies

ECSA V10 brings an enhanced concentration on methodology for network, web application, database,
wireless, and cloud pen testing, whereas other certifications cover this superficially.

The new ECSA v10 program takes the tools you have learnt in the CEH and includes a wide-range of comprehensive scoping and engagement penetration testing methodologies that improves upon the best from ISO 27001, OSSTMM, and NIST Standards.

4. Blended with both manual and automated penetration testing approach

There are many numbers of automated pen testing tools out there in the marketplace including high-priced sophisticated tools, but they are not adequate. Most advanced tools are of little value if no one knows how to use them.

Manual penetration testing is the perfect complement to automated penetration Testing. Certain penetration test such as logic testing cannot be performed using automated tools. It requires human intervention to test against such vulnerabilities.

According to the MITRE Corporation, automated pen testing tools cover only 45% of the known vulnerability types. Hence, the remaining 55% requires manual intervention.

5. Designed based on the most common penetration testing services provided by the penetration testing service providers and consulting firms in the market including:

  • Network Penetration Testing – Identify security issues in network design and implementation
  • Web Application Penetration Testing – Detect security issues in web applications that exists
    due to insecure design and development practices
  • Social Engineering Penetration Testing – Identify employees that do not properly authenticate,
    follow, validate, handle, the processes and technology
  • Wireless Penetration Testing – Identify misconfigurations in organization’s wireless infrastructure including WLAN, Mobile,
  • Cloud Penetration Testing – Determine security issues in organization’s cloud infrastructure
  • Database Penetration Testing – Identify security issues in the configuration of database server and their instances

6. Presents a comprehensive scoping and engagement methodology

Defining scope of penetration test is arguably one of the most important components of a penetration test, yet it is also one of the most overlooked in most of the penetration testing programs. A complete module is dedicated in the course to describe the pre-engagement activities in detailed, tells how to initiate and set the scope and Rule of Engagement (RoE) for the penetration test assignment.

7. Provides strong reporting writing guidance to draft valuable and comprehensive penetration report

The report is the tangible output of the testing process, and the only real evidence that a test actually took place. Ultimately, it is the report that is sellable in penetration test assignment. If it is not well planned and drafted, the client may disagree with the findings of a test and will not justify the expense of the test. A separate module is dedicated in the course to describe the skills required to draft effective penetration test report depending upon the target audiences.

8. Hands-on labs demonstrating practical and realtime experience on each of area of penetration testing

Practical knowledge can lead to a deeper understanding of a concept through the act of doing. The course is also aiming to provide practical experience through handson labs on thorough penetration testing process from scoping and engagement to report writing The student will get a direct experience by working on these hands-on labs.

9. Provides standard templates that are required during penetration test

The course is bundled with the bunch of standard templates that are necessary which helps students during scoping and engagement process well as collecting and reporting test results. No other program offers a set of comprehensive penetration templates like the ECSA!

The Purpose of the ECSA Certification Course?

The ECSA penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.

The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and elevates your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology.

  • Focuses on pentesting methodology with an emphasis on hands-on learning
  • The exam will now have a prerequisite of submitting a pentesting report
  • The goal of these changes is to make passing ECSA more difficult; therefore, making it a more
    respected certification
Target Audience
Ethical Hackers
Penetration Testers
Security Analysts & Security Engineers
Network Server Administrators
System Administrators
Firewall Administrators & Security Testers
Risk Assessment Professionals
Course Pre-Requisite

You should have the following experience before attending this course:

  • A minimum of one years experience managing Windows/Unix/Linux systems
  • An understanding of common network and security services
Overview Course Outline About the exam

Learning Objectives for ECSA v10 Training Course

The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and enhances your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology. It focuses on pentesting methodology with an emphasis on hands-on learning

Upon Completion of this Course, you will accomplish following:

  • Introduction to Penetration Testing
  • Penetration Testing Scoping and Engagement Methodology
  • Open Source Intelligence (OSINT) Methodology
  • Social Engineering Penetration Testing Methodology
  • Network Penetration Testing Methodology -External, Internal & Perimeter Devices
  • Web Application Penetration Testing Methodology
  • Database Penetration Testing Methodology
  • Wireless Penetration Testing Methodology
  • Cloud Penetration Testing Methodology
  • Report Writing and Post Testing Actions

The EC-Council Certified Security Analyst (ECSA v10) training and certification course is a continuation of CEH program .The updated 10th versions of ECSAv10 includes updated curriculum matching the industry progress and similar step-by-step penetration testing methodology. The ECSA follows a set of methodologies which covers the pentesting requirements across various verticals.

In the new EC-Council Certified Security Analyst (ECSA v10) training course the regular exam is followed by an option to write a practical exam to test the skills acquired earning the ECSA (Practical) credential. This validates the practical skills for industry readiness.

This course covers:

Module 00: Penetration Testing Essential Concepts (Self-Study)
Module 01: Introduction to Penetration Testing and Methodologies
Module 02: Penetration Testing Scoping and Engagement Methodology
Module 03: Open-Source Intelligence (OSINT) Methodology
Module 04: Social Engineering Penetration Testing Methodology
Module 05: Network Penetration Testing Methodology – External
Module 06: Network Penetration Testing Methodology – Internal
Module 07: Network Penetration Testing Methodology – Perimeter Devices
Module 08: Web Application Penetration Testing Methodology
Module 09: Database Penetration Testing Methodology
Module 10: Wireless Penetration Testing Methodology
Module 11: Cloud Penetration Testing Methodology
Module 12: Report Writing and Post Testing Actions

Exam Codes412-79 (ECC EXAM)
Number of Questions150 questions per exam
Type of QuestionsMultiple choice
Length of Test4 Hours / 240 Minutes
Testing ProviderECC EXAM PORTAL
Passing Score70%

Course Highlights

EC-Council Authorized Partner
96% passing rate
Get certified at an affordable price
Blended learning delivery model
CEI Certified Trainers


  • Unit 15B Penthouse Atherton Place, Tomas Morato, Corner Don A. Roces Ave, Quezon City, 1103 Metro Manila
  • +(632) 7905 8718


View our Course Documents below with the current Curriculum and Pricing presented in an easy to read guide for the course offered.


Training at TechED has been amazing. The instructor has provided us with so much in depth knowledge regarding the course including course material which are detailed and a lot of iLabs for hands on experience. Would recommend for anyone looking to study.

Francis C.

Network Security Administrator, Manufacturing Sector

The instructor is exceptionally knowledgeable and provided valuable additional content and labs.

Erick Z.

Cybersecurity Director, BPO Industry

Considering the difficult times we live in with COVID-19, the online training delivery as well as the staff were superb.

The course really keyed in all the topics of the exam. The material slides, documentation, labs was well written and presented. The instructor really knew his stuff and you could tell he was passionate about the subject. 

Christian L.

IT Manager, Health Sector

TechED's training was excellent. The trainer was able to explain all the material and extra on top of that which I think will help me with future training and in my work environment. I would highly recommend it to anyone wishing to further their knowledge in a quick and easy way.

Mike S.

US Military

The Cybersecurity Trainings and Instructor provided by TechED are a must for anyone working in the field. It provides a wealth of useful information that might be useful when you get back to work.

Richard J.

Cybersecurity Specialist, US DOD Contractor

At vero eos et accusamus et iusto odio digni goikussimos ducimus qui to bonfo blanditiis praese. Ntium voluum deleniti atque.

Melbourne, Australia
(Sat - Thursday)
(10am - 05 pm)

No products in the cart.

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks