
Sep 4, 2024
Everything you need to know about the OSCP+
We’re sharing all of the important information related to the OSCP+ so you can know what this means for past, current and future learners.
OffSec is announcing some updates to the OSCP exam which, effective November 1, 2024, will result in the addition of a “+” designation for newly certified OSCP holders. That means, upon passing the exam, you’ll receive two certifications: OSCP+ and OSCP.
The OSCP+ certification will differ from the existing OSCP certification in only one way–it will expire three (3) years from issuance, whereas your OSCP certification does not expire. If you allow your OSCP+ to expire, you will still have your OSCP.
Individuals who currently hold an OSCP certification, who pass the OSCP exam before November 1, 2024, or who decide not to maintain an OSCP+ certification after it expires, will have their OSCP certification remain valid for life. Their credential remains a valuable and respected indicator of their skills and knowledge. While it doesn’t carry the + designation, the OSCP certification still represents a strong foundation in cybersecurity.
To learn more about these changes you can:
- Read the help center article
- Join us for a Q&A webinar on Friday, September 6 at 9am ET
- Join us for Discord Office Hours on Friday, September 6 at 1pm ET
- Review this YouTube overview video from Tyler Ramsbey
- Read this X post with a video from @0xTib3rius
Thanks to our community members for your continued passion and support for the OSCP and OffSec.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2025-24893 – Unauthenticated Remote Code Execution in XWiki via SolrSearch Macro
An RCE vulnerability in XWiki was found allowing unauthenticated attackers to execute arbitrary Groovy code remotely without authentication or prior access.
Jun 5, 2025
2 min read

Insights
OffSec’s Take on the Global Generative AI Adoption Index
Discover OffSec’s take on the latest Global Generative AI Adoption Index report released by AWS.
May 30, 2025
3 min read

Research & Tutorials
CVE-2025-0655 – Remote Code Execution in D-Tale via Unprotected Custom Filters
A critical remote code execution (RCE) vulnerability in the D-Tale data visualization tool was identified which allowed attackers to execute arbitrary system exams, abusing an exposed API endpoint.
May 29, 2025
2 min read