Effective November 1, 2024, OffSec will replace the current OSCP exam with an updated version. The updated exam version will include the following changes:
- Enhancements to the Active Directory portion of the exam
- Removal of bonus points
Why the change?
To meet the changing cybersecurity landscape, and best prepare our learners for the real world including the most recent scenarios, we’ve updated the Active Directory portion of this exam. This update provides learners the ability to work through an “assumed compromise” where the learners start with a standard user account on the AD domain with the goal of full domain compromise.
As the OSCP is the only OffSec certification that allows learners to earn bonus points (up to 10) toward their exam, removing bonus points aligns the OSCP with other exams, and provides more consistency, fairness, and continuity among all OffSec exams and certifications.
Read more about the exam changes and bonus points options in OSCP Exam changes.
Introducing OSCP+
Beginning November 1, 2024, when learners pass the updated exam, they will earn both the OSCP and OSCP+ certification. The OSCP+ designation will differ from the existing OSCP certification in only one way–it will expire three (3) years from issuance. During those three years learners will have the opportunity to maintain the “+” designation by completing one of three continuing education paths:
- Take and pass a recertification exam within 6 months of the + expiry date
-
Take and pass another qualifying OffSec certification exam before your + expires. List of qualifying exams:
- OSEP (OffSec Experienced Penetration Tester)
- OSWA (OffSec Web Assessor)
- OSED (OffSec Exploit Developer)
- OSEE (OffSec Exploitation Expert)
- Successful completion of OffSec’s new CPE program, details of which will be announced in late 2024-early 2025
Note: the list of qualifying exams is preliminary and subject to change.
OSCP+ not only reflects the holder's expertise in cybersecurity but also signifies that they are up-to-date with the latest industry standards and practices. The "+" designation highlights a learner’s commitment to continuous learning and staying current in a field that is constantly evolving.
Learners who choose not to maintain the + designation will still keep their OSCP certification.
Please note: The OSCP certification has no expiration date and continues to be valid indefinitely. As such, individuals who currently hold an OSCP certification, who pass the OSCP exam before November 1, 2024, or who decide not to maintain an OSCP+ certification after it expires, will have their OSCP certification remain valid for life. Their credential remains a valuable and respected indicator of their skills and knowledge. While it doesn’t carry the + designation, the OSCP certification still represents a strong foundation in cybersecurity.
The OSCP certification has been very important to OffSec, as well as the entire cybersecurity industry. We take our role as caretakers of the OSCP seriously, ensuring it continues to represent the high standards it is known for. The OSCP will continue to play its vital role in offensive security and penetration testing. The new OSCP+ designation will demonstrate not just mastery of the material, but also the timeliness of the knowledge.
Existing OSCP holders who want the OSCP+ certification
Since the OSCP+ exam is a different exam than the current OSCP, existing OSCP holders will have the option to sit for and pass the new OSCP+ exam at the significantly discounted rate of $199 USD. If you are interested in taking the new exam, we’ll open registration in November 1, 2024 and alert OSCP holders of this availability.
Learn more in FAQ sessions
You will have two options to join a live FAQ session hosted by Jim O’Gorman.
- Friday, September 6, 2024 at 9:00 am ET: This FAQ webinar we’ll talk about the exam updates, the new certification, and answer questions live. This session will be recorded and shared with all registrants.
- Friday, September 6, 2024 at 1:00 pm ET: We will host community office hours on Discord to discuss the exam updates and the OSCP+ feature.
Frequently Asked Questions
I already have an OSCP, does this change my certification?
The changes we are introducing now do not affect your existing OSCP in any way. You will have that certificate for life.
I am currently going through the PEN-200 course, is the course getting new modules to help prepare for the updated OSCP+ exam?
No. The PEN-200 course content relevant for the exam remains unchanged and continues to prepare learners thoroughly for the updated OSCP exam. The new AWS module has been added to the course, but it is not yet part of the exam.
The removal of bonus points does not negatively impact your chances of passing. In fact, the exercises that previously earned bonus points were designed to help learners prepare more effectively for the exam, which remains the case.
What happens to the OSCP+ designation after the 3 years expires?
- Before the three-year expiration, learners will have the opportunity to maintain the “+” designation by taking the recertification exam or completing the OffSec CPE program.
- If the certificate holder lets the OSCP+ expire, the OSCP will still be kept, a lifetime certificate.
If I earned my OSCP+, what will happen to my certification if I don’t take the re-certification exam after three years?
If you don’t take the re-certification exam during the three years, your certification will lose its + designation; you still hold the OSCP. During those three years, learners will have the opportunity to maintain the “+” designation by completing one of three continuing education paths:
- Take and pass a recertification exam within 6 months of the + expiry date
-
Take and pass another qualifying OffSec certification exam before your + expires. List of qualifying exams:
- OSEP (OffSec Experienced Penetration Tester)
- OSWA (OffSec Web Assessor)
- OSED (OffSec Exploit Developer)
- OSEE (OffSec Exploitation Expert)
- Successful completion of OffSec’s new CPE program, details of which will be announced in late 2024-early 2025
Note: the list of qualifying exams is preliminary and subject to change.
I am an OSCP holder, how can I get the OSCP+?
You can take the updated OSCP+ exam anytime after November 1st, 2024. Once you pass, you will receive both the OSCP and OSCP+.
For a limited time, as an existing OSCP holder, you can purchase the updated exam at an exclusive promotional price of $199 USD if purchased between November 1, 2024 to March 31, 2025. The promotional price is only applicable for the first purchase. After March 31, 2025, the price to take the OSCP+ exam, for existing OSCP holders, will go up to $799.
As an OSCP holder, will I receive the OSCP+ designation if I earn another OffSec certification after November 1, 2024?
No, earning another OffSec certification after November 1, 2024, will not automatically grant you the OSCP+ designation. You must first pass the updated OSCP exam to earn OSCP+. Once you have OSCP+, earning a qualifying OffSec certification will help you maintain and extend your OSCP+ designation.
Can I get the promotional price for the updated OSCP exam if I’m not an OSCP holder?
No. The promotional price of $199 USD is a special offer available exclusively to those who already hold the OSCP certification.
Will any other certifications get a plus in the future?
We are exploring adding the plus to many of our existing certifications, however, we do not have specific details or timelines at this time. We recommend checking our website regularly for the latest updates and announcements regarding certification policies.
What happens if I fail my OSCP+ recertification exam?
If you are an OSCP holder, retaking the OSCP+ exam after November 1, 2024, to get the + designation, and you fail, you will still have your OSCP. But, to get the OSCP+, you have to re-purchase the OSCP+ recertification.
I am new to OffSec, how can I get the OSCP+ certification?
If you believe you will need the training to help you better prepare for the exam, you have the following options:
- Course & Cert Exam Bundle: Select PEN-200 as your course and get 1 OSCP exam attempt valid for 120 days from your lab end date.
- Learn One Subscription: Select PEN-200 as your course and get 2 OSCP exam attempts valid throughout your subscription period.
- Learn Unlimited: Get unlimited access to all our online content and unlimited exam attempts during the validity period of your subscription.
If you are ready to take the exam without training, you can purchase the OSCP+ certification without training, which includes 2 OSCP+ exam attempts valid for 120 days from the date of purchase. This will be available to purchase on November 1, 2024.
I have an active Learn One subscription for PEN-200 that remains valid for a few months after November 1, 2024. I took my first OSCP exam attempt and earned OSCP certification. Can I use my remaining exam attempt to earn the OSCP+?
If you passed the OSCP exam before November 1st, you may use any remaining OSCP exam attempts from your Learn subscription (applicable to both Learn One and Learn Unlimited) to attempt the new OSCP+ exam after November 1st, 2024 and gain the Plus designation, for as long as your Learn subscription exams are still valid.
What happens if I use up my OSCP exam attempts included in the PEN-200 Course & Cert Exam Bundle or Learn One subscription and need to retake the exam after November 1, 2024?
If you’ve exhausted your OSCP exam attempt(s) from the PEN-200 Course & Cert Exam Bundle or Learn One subscription and need to retake the exam after November 1, 2024, you can purchase a regular exam retake for $249. This retake will allow you to take the updated OSCP exam and earn OSCP+ upon passing.
For current OSCP holders who want to obtain OSCP+, you can purchase the recertification exam for $199 if you buy it between November 1, 2024, and March 31, 2025. However, please note that this $199 promotional rate applies only to your first recertification exam purchase. If you do not pass on the first attempt, any subsequent recertification attempts will cost the regular price of $799, even if it's within the promotional period.
I don't hold the OSCP yet and I recently purchased an OSCP retake. Will it still be valid after November 1st, 2024, when the OSCP+ takes effect?
Yes, your OSCP retake remains valid for 120 days from the date of purchase, even after November 1st, 2024. The introduction of the OSCP+ does not change the validity of regular exam retakes. You can use your purchased retake to take the exam after November 1st, and if you pass, you will earn both the OSCP and OSCP+ designations.
What’s the cost to get the OSCP+
It depends on the learners' current certifications, progress, or subscription level.
- If the learner has achieved their OSCP before Nov 1, 2024, they can pay $199 between November 1, 2024, and March 31, 2025, and get one exam attempt to achieve the OSCP+. After March 31, 2025, this price will increase to $799.
- If a learner has never achieved an OSCP, and has an active subscription to the PEN-200 via a Course & Certification Bundle or Learn One, they can take the course and pass the exam after November 1, and they’ll be awarded the OSCP+ at no additional cost.
- If a learner has never achieved an OSCP, and they have an active Learn Unlimited Subscription, with unlimited exam attempts, they are able to use an exam attempt on the OSCP+ anytime after November 1, 2024, at no additional cost.
- If a learner has never achieved an OSCP, and has an active Learn Enterprise subscription, they will need to contact their administrator or OffSec Sales to assign or purchase an OSCP+ exam attempt.
- If a learner has never achieved an OSCP, and they don’t have an active subscription or course and certification bundle with OffSec, they can pay $1699 on or after November 1, 2024 and get a stand-alone certification exam that provides two exam attempts to achieve the OSCP+.
- If the learner is an active Learn One or Learn Unlimited subscriber and has passed the OSCP, they may use their second exam attempt to sit for the OSCP+ exam after November 1, 2024, at no additional cost.
- If a learner has never achieved an OSCP, and is or was enrolled in PEN-200 through Course & Cert Exam Bundle or Learn One, but has used up their OSCP exam attempt(s), they can purchase the regular exam retake at $249.