Full Disclosure mailing list archives
RE: Hacking Boot camps!
From: srenna () lcssecuritygroup com
Date: Thu, 24 Nov 2005 10:36:29 -0700
I have to disagree in part about SANS being shit. I personally hold two GIACs that I had written extensive papers on to attain. I learned a good bit while writing the two; however, it was through personal determination and grit that enabled me to do so, not through any SANS training as my employer had sent about 7 people to get theirs and none had successfully completed it. I never received any training from SANS so I can't comment on how effective it is; however, I used real world experience to gain my own certs, so I presume others are capable of this as well. SANS is a good concept in theory, lets make it easier for those that have an interest in IT Security to learn. However, their exhorbitant fees and the mentoring program need a serious retooling. When I was doing my challenge options, only about 1.5-2 years ago, the price was $450. Now, it has been elevated significantly to $800. The explanation for this is that instruction materials are being taken by others and utilized in their own classes, hence, SANS must charge more to protect Intellectual Property(yeah, doesn't make the most sense). The mentoring program is BALLS and I agree that SANS puts the "honor" of being a mentor onto a certified individual, yet pays them next to nothing to perform the task of devaluing ones certification. I was about to serve as a mentor, until I realized how much work is required for the person who is serving as the mentor and the amount of money they are paid for their hard work. I think I worked out something like 3% of the total a student pays to SANS goes to the Mentor, while SANS collects nearly 3k on each student, the instructor gets paid next to nothing. Then I realized that ignorant fools could take a SANS class, take two EASY exams and become a GIAC, without the need to write a paper. Eliminating the paper requirement, in my mind, is just a ploy to get more folks to fork over cash to SANS. With the new distinction between GIAC and GIAC Gold, we're set for a flood of underqualified applicants being sent to class by employers for those that really have no desire to learn. SANS gets paid, qualified individuals become further devalued as more "boot campers" get GIACs and everyone lives happily ever after
-------- Original Message -------- Subject: Re: [Full-disclosure] Hacking Boot camps! From: InfoSecBOFH <infosecbofh () gmail com> Date: Thu, November 24, 2005 4:43 am To: full-disclosure () lists grok org uk Bottom line is... and you can ignore the SANS instructor/SANS zealot post... SANS = SHIT. Now that I am in a position with my employer to hire and fire people... I will not even consider an applicant who touts his SANS certification as something to be proud of or something to make him more skilled than the next. And, now that I am in a senior position at my employer, I am doing everything I can to stop my employer from paying the EXTORTION fees to SANS in order to be a part of their what works program and any of their training. You know what makes me smile everyday... the knowledge in knowing that I am not the only senior infosec person at a major corporation who feels this way about SANS. Fuck SANS. FUCK EM ALL! http://dictionary.reference.com/search?q=sans#without sans ( P ) Pronunciation Key (snz, sä) prep. Without. -------------------------------------------------------------------------------- [Middle English, from Old French, blend of Latin sine, without, and absenti, in the absence of, ablative of absentia, absence from absns, absent- present participle of abesse, to be away. See absent.] On 11/23/05, senator.crabgrass () comcast net <senator.crabgrass () comcast net> wrote:Maybe it is not what you know but who you know. Best of luck with that grail thing, finding it is veiled, holding it is easy, keeping it polished is where the work is. -- vote for meOn 11/23/05, senator.crabgrass () comcast net <senator.crabgrass () comcast net> wrote:... the cert game is nothing more than a lucrative revenue generator. Foreither the test givers or the vender pusher or the land of test king. a few respectable names in their roster[1]; i wonder why they don't name the instructor giving each presentation on their conference schedule[2]... i have a theory: the more legitimately skilled you are, the less you instruct and the more you are paid. a nice way to convert reputation into ca$h! [maybe i can get in on this racket once i attain the holy grail of CPA, GCFW, CISSP, CISM, CISA, CCNA, CCSE, CCSA, GIAC, GCIA, GSNA, GCFA, GCIH, GCUX, GSEC, QUE, WTFBBQ] 1. http://www.sans.org/instructors.php 2. http://www.sans.org/index.php_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Hacking Boot camps!, (continued)
- Re: Hacking Boot camps! senator . crabgrass (Nov 23)
- Re: Hacking Boot camps! coderman (Nov 23)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 23)
- Re: Hacking Boot camps! coderman (Nov 23)
- Re: Hacking Boot camps! senator . crabgrass (Nov 23)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 24)
- Re: Hacking Boot camps! Marco Ermini (Nov 25)
- RE: [inbox] Re: Hacking Boot camps! Exibar (Nov 25)
- Re: [inbox] Re: Hacking Boot camps! Disco Jonny (Nov 26)
- RE: [inbox] Re: Hacking Boot camps! Exibar (Nov 28)
- Re: [inbox] Re: Hacking Boot camps! InfoSecBOFH (Nov 26)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 24)
- Re: Hacking Boot camps! senator . crabgrass (Nov 23)
- RE: Hacking Boot camps! MH (Nov 30)
- Re: Hacking Boot camps! InfoSecBOFH (Nov 30)