EC-Council Certified Security Analyst


EC Council Certified Security Analyst (ECSA) augments the Certified Ethical Hacker(CEH) certification by delving into the diagnostic phase of ethical hacking. While we know, the Certified Ethical Hacker certification mainly exposes the learner to a wide range of hacking tools and technologies, the Certified Security Analyst course takes a deeper plunge by enabling the learner to closely explore and analyze the outcome from these tools and technologies.

Accredited by


Group Training

Looking for a personalized training for a group (3 or more participants) at your preferred location?
Contact us

GreyCampus is an EC-Council ATC

Course Overview


The ECSA program offers a coherent learning progress and continuation to the same path where the CEH program left off. The new ECSA v10 includes updated curricula and an industry-integrated comprehensive series of penetration testing methodology. This allows a learner to upscale his ability in applying newer skills which are learned through intensive practical labs testing and challenges.

Unlike most other penetration testing programs which tend to follow a generic kill chain methodology; the ECSA presents a set of noticeable, comprehensive and detailed methodologies that are able to cover different pen testing requirements across different domains. It is a highly engaging, interactive, intensive 5-days training program that teaches Information Security professionals how professional real-life penetration testing is conducted. Although such knowledge, skills, and abilities are covered in the new CEH v10 program, simultaneously we also have re-engineered the ECSA program as a progression and upgraded version from the former.

This course is a major component of the VAPT Track of EC-Council. This is a “Professional” level course, with the Certified Ethical Hacker being the “Core” and the Licensed Penetration Tester being the “Master” level certification.

In the brand new ECSA v10 course, if students who pass the knowledge exam are eligible to pursue a fully practical exam. This provides them with a platform to test their skills, thereby helping to earn the ECSA (Practical) credential. This new credential acknowledges the employers to judge the authenticity of the skills of the student easily.

  • Instructor led training modules: 1 Year
  • Official e-courseware: 1 Year
  • Access to EC-COUNCIL iLabs: 6 Months
  • Course completion certificate: Yes
  • ECSA Exam Voucher:: Yes

Course Outline


Call us


Live chat


Contact us

Frequently Asked Questions


A: The ECSA (Practical) is a 12-hour, stringent practical exam which is built to test your penetration testing skills.
ECSA (Practical) offers you with an organizational network environment, which consists of multiple hosts. The internal network consists of several subnets which house various organizational units which are made up of militarized and demilitarized zones which are connected with an enormous composition of database servers in a database zone. As a security precaution, all the internal resource zones are confi­gured by design with different subnet IPs. The militarized zone consists of application servers and domain controllers that provide application structures for various departments of the organization.

The candidates are required to exhibit the application of the penetration testing methodology that is presented in the ECSA program. This is required to conduct an exhaustive security audit of an organization just like reality. Initially, you would start with challenges which require you to perform progressive network scans beyond perimeter defenses. This would lead to manual and automated vulnerability analysis, customization, exploitation of selection, launch, and post exploitation tactics.

A: Credit Towards Certification: ECSA

Number of Questions: 150

Test Duration: 4 Hours

Passing Score: 70%

Test Format: Multiple Choice

Test Delivery: ECC Exam Portal


A:  Maps to NICE 2.0 Framework

ECSAv10 maps to NICE framework’s Analyze (AN) and Collect and Operate (CO) specialty area.

A blend of both automated and manual penetration testing approach

There are a number of automated pen testing tools which are available in the marketplace which includes high-priced sophisticated tools, but these are not sufficient. Most advanced and latest tools hardly hold any value to the extent that no one knows their utility.

One such perfect complement to automated penetration testing is the manual penetration testing. There is certain penetration test such as logic testing which cannot be performed using automatic tools. It requires human intercession to test such susceptibilities.

Devised on the basis of commonly used penetration testing services as provided by the service providers and consulting firms in the market:

  • Network Penetration Testing

Detect security issues in network design and implementation.

  • Web Application Penetration Testing

Identify security issues in the web applications which may exist due to vulnerable design and development practices.

  • Social Engineering Penetration Testing

Keep a close eye on employees who do not authenticate, validate, follow or handle the technology and processes properly.

  • Wireless Penetration Testing

Detect misconfigurations in the wireless infrastructure within the organization including WLAN, Mobile.

  • Cloud Penetration Testing

Resolve the security issues within the cloud infrastructure of the organization.

  • Database Penetration Testing

Clearly identify security concerns in the configuration of the database server and their relevant instances.

Hands-on lab tests demonstrating real-time and practical and experience on each of area of penetration testing

Having a practical knowledge can instill a deeper understanding of the concept in the tester. The course is aimed at providing a practical experience through hands-on labs on thorough penetration testing procedure starting from inspecting and engagement to writing the report. The student will get a direct and straight experience by closely working on these hands-on labs.

All New Module for Social Engineering Pen Testing

The ECSA curriculum presents an extensive Social Engineering Pen Testing Methodology in comparison to other programs. Acs per the 2017 Verizon Data Breach Investigation Report, an overall of 43% of the documented breaches were mainly related to social engineering attacks.

In this context, the ECSA program is carefully developed and designed and has an exhaustive coverage of the pen testing domain.

Increased Focus on Methodologies

ECSA V10 delivers an enhanced concentration on the methodology for web application, network, wireless, database, and cloud pen testing in comparison to other certifications which cover this lightly.

The new ECSA v10 program covers those tools learned in the CEH course and also includes a huge variety of comprehensive inspection and engagement penetration testing methodologies that develops upon the best from OSSTMM, ISO 27001, and NIST Standards.

Presents an exhaustive deal of inspection and engagement methodology

One of the most important components of a penetration test is determining the scope of a penetration test. Although this is also one of the most overlooked portions in most of the penetration testing programs. In the course, a complete module is dedicated to describing the pre-engagement activities in detail. This discusses on how to initiate and set the scope and Rule of Engagement (RoE) for the penetration test assignment.

Provides strong reporting writing guidance to draft valuable and comprehensive penetration report

The report is the concrete output of the testing process and the only real proof that a test actually took place. In the end, it is the report that is bankable in penetration test assignment. For reports which are not drafted or planned properly, the client might disagree with the verdict of a test and this will not justify the obligation of the test. A complete separate module is devoted in the course to explain the skills required to draft effective pen test report depending upon the target audience.

Furnishes standard templates required during the penetration testing process

The course is a package consisting of a bunch of standard templates. These are necessary as these help the students during the scoping and engagement process and also assist in collecting and reporting the ultimate test results. So far, no other program offers a set of extensive penetration templates like the ECSA.


  • Penetration Testers
  • Ethical Hackers
  • Firewall Administrators
  • Network server administrators
  • System Administrators and Risk Assessment professionals
  • Security Testers

A: iLearn is EC Council’s online, self-paced option. This implies all the modules which are taught in the live course are recorded, registered and presented in a streaming video format. It gives an option to the candidate to set up his own learning speed by taking occasional pauses in between the lectures and return to the study plan as per the schedule.

500 +

Expert Trainers

250000 +

Hours Delivered

100000 +

Professionals Trained

Got queries?