EC-Council Certified Security Analyst (ECSA) – Penetration Testing

Join for Information Assurance Training Program to become an EC-Council Certified Security Analyst

Learn more about EC-Council Certified Security Analyst course (ECSA)

Find out the who should attend EC-Council Data Security Analyst Training

Get Security Analyst Certification in Information Assurance Training and Data Security Program

EC-Council's Certified Security Analyst ECSA - Frequently Asked Questions (FAQs)

Find here related courses for EC-Council's Certified Security Analyst Data Security Program (ECSA)

Resources for Data Security Training Program ECSA Certification


Penetration Testing Course


EC-Council Certified Security Analyst is an Advanced Penetration Testing and Risk Assessment Training Program

You are an ethical hacker. In fact, you are a Certified Ethical Hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep. You have sufficient knowledge and an arsenal of hacking tools and you are also proficient in writing custom hacking code.

Is that enough?

Can you become an industry accepted security professional? Will organizations hire you to help them protect their systems? Do you have any knowledge in applying a suitable methodology to conduct a penetration test for an enterprise client? Do you have any experience writing a custom penetration testing report?
  • Read more...   About EC-Council




The iLabs Cyber Range


Get Security Analyst Certification in Information Assurance Security Training Program

As the ECSA course is a fully hands-on program, the exercises cover real world scenario. By practicing the skills that are provided to you in the ECSA class, we are able to bring you up to speed with the latest threats that organizations may be vulnerable to.

This can be achieved with the EC-Council iLabs cyber range. It allows students to dynamically access a host of Virtual Machines preconfigured with vulnerabilities, exploits, tools, and scripts from anywhere with an internet connection.

Our web portal enables the student to launch an entire range of target machines and access them remotely with one simple click. It is the most cost effective, easy to use, live range lab solution available.
  • Read more...   About EC-Council

 Join for Information Assurance Training Program to become an EC-Council Certified Security Analyst

What’s New in ECSA V9


Acquire Advanced Skills in Data Security with EC-Council's Risk Assessment Program and Information Assurance Training

ECSA Pentest Course - Skills Based Competency

The ECSAV9 penetration testing course is designed to enhance the skills based competency of a penetration tester. This course is intensively hands-on and a tremendous amount of emphasis is placed on the practical competency of the student.

Unlike the previous version of ECSA exam, in the new ECSAv9, a student will only be allowed to challenge the ECSA exam after meeting certain eligibility requirements.

To become eligible, a student must conduct a detailed penetration test through the EC-Council iLabs Cyber range environment and submit a written report via EC-Council’s ASPEN system.
  • Read more...   About EC-Council


Who is it For?


Who Should Attend:

Ethical Hackers, Penetration Testers Network server administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment professionals.

Duration: 5 days (9:00 - 5:00) Certification

Certification Exam:

The ECSA exam aims to test a candidate’s knowledge and application of critical penetration testing methodologies.

The exam requires a candidate to perform real-world penetration testing over EC-Council’s secure cyber range and to produce a penetration test report which clearly document the vulnerabilities found.  This report will be graded by our professionals.  Candidates that successfully submit an acceptable report  will proceed on to a multiple choice exam that tests a candidates knowledge.

Candidates that successfully submit an acceptable report and the pass the multiple choice exam will be awarded the ECSA credential.


ECSA v9 Exam Information


Become Insurance Assurance Professional with Vulnerability Assessments Network Security Audit Course

The ECSAv9 exam includes 2 required stages.

Report writing stage requires candidates to perform various penetration testing exercises on EC-Council’s iLabs before submitting a penetration test report to EC-Council for assessment. Candidates that submit reports to the required standards will be provided with exam vouchers for the multiple choice exam.

Multiple choice exams are proctored online through the EC-Council Exam portal :

  • Credit Towards Certification: ECSA v9
  • Number of Questions: 150
  • Test Duration: 4 hours

The Exam

From the commencement of the 5 day class and the activation of the ECSA Dashboard on ASPEN, you will have 60 days in total to submit your penetration testing report based on the challenge scenario to EC-Council, which will prove that you undestand the concepts taught in the course. This is the eligibility criterion to enable you to challenge the ECSA exam.

The Final ECSA Exam is a Multiple Choice Question Exam.

Find out answers for Certified Risk Assessment Professional Data Security Analyst Training course

ECSA Certification Frequently Asked Questions

1 Do I need CEH to enroll for ECSA course?

Join EC-Council's Data Security Program and become Network Security Professional

You do not need to be certified with CEH in order enroll for ECSA course. However, CEH is strongly recommended. If you do not have core ethical hacking skills, this course is not for you.



2 When is my Penetration Testing Report due?

Become Penetration Testing Professional with EC-Council's Security Analyst Certification

Please note that upon  activation of your ECSA Dash Board, your ilabs Access timer will commence and the access will terminate within 30 days thereon. As such, you will have 30 days from thereon to complete your penetration testing activities on the EC-Council iLabs Cyber Range.

You must submit your final report on the ASPEN portal within 60 days of the activation of your ECSA Dash Board and ONLY  if your report is approved, will you be issued with an exam voucher code (with the validity period of one year from the date of release) to allow you to  attempt the final ECSA multiple choice exam.

3 When must I take the ECSA exam?

Become Security Analysis Professional with Vulnerability Assessments Certification

You must challenge the exam within 3 months from the date you receive your exam voucher.




4 How do I access my 30 DAY iLabs Access?

Become Security Analysis Professional with Vulnerability Assessments Certification

To activate your ECSA Practical Range, you will need to login to iLabs and access the ECSA Practical course assignment.

Click HERE to register an account: (In the event you already have an iLabs account; you are still required to register a new account in order to activate your ECSA Cyber Range)

Once you have created an iLabs account, you will need to redeem your iLabs access code under the “My Training” tab in iLabs after logging in. Your iLabs access code will be sent to your registered email id upon activation of the ECSA dashboard, The iLabs access is valid for 30 days upon activation.

5 How do I register for an ASPEN account?

EC-Council's Certified Risk Assessment Professional assess your information security systems  with Network Security Audit skills

Step 1:

Step 2:
Click Register and fill out the registration form. Click Register button.

Step 3:
Using the email you provided in step 2, follow the instructions in the auto-generated email to activate your EC-Council Aspen Portal account.

6 How do I submit my Final Penetration Testing Report?

EC-Council's Certified Security Analyst (ECSA) professional audits your Cyber Security Network and protects from Infosec Data Breaches

Step 1:
Login to your Aspen account

Step 2:
Click on ECSA v9 Dashboard

Step 3:
Click on Submit Assignment

Step 4:
Upload your report and click Submit

A notification will appear on the screen that your report has been successfully submitted. The same notification will be sent by Aspen to your email.

7 When will I know if my report meets the exam requirement?

Get EC-Council's Vulnerability Assessments Certification and enhance Security Analysis Professional skills

EC-Council decision will be sent out within 7 working days from the date of report submission.


8 How many days do I have to complete my exams (both report submission and multiple choice exam)?

Find out the requisites to attend information assurance training programs

You have 60 days from the activation of your ECSA Dash Board to complete and submit your penetration testing report. As for the multiple choice exam, you have 90 days from the date your report is approved to complete the multiple choice exam.

9 What if my penetration test report does not meet the minimum requirement?

Become Penetration Testing Professional with EC-Council's Security Analyst Certification

You can resubmit another report by purchasing the retake package (consists of a 60 day report submission access and/or iLabs access (60 days) – depending on the package).


Related Courses

Acquire Advanced Skills in Information, Network Security with EC-Council's Risk Assessment course
Get EC-Council's Advanced Ethical Hacking Penetration Testing Certification in Security Analysis



Download ECSA Course Brochure
Download ECSA Course White Paper