Penetration Testing mailing list archives
RE: Re: GCIA, GSEC, GCIH, CISSP, CEH ???
From: "Erin Carroll" <amoeba () amoebazone com>
Date: Tue, 18 Dec 2007 22:23:49 -0800
I rarely chime in on the certification threads but I'm going to have to agree with Craig here for the most part. The SANS tests are thorough and relatively current. However, as another poster pointed out, they used to be much harder to obtain as in the murky past there was a requirement for the certs for passing the test *and* publishing a whitepaper for peer review. Nowadays that's a platinum level cert. However, the majority of the more well-known certifications aren't exactly shabby either, it just depends on what you want to get out of your time. Each have their strengths in terms of subject matter taught or concepts explored. Focus on the courses/certs that place greater importance in the "hands-on show me what you've learned" aspect. I haven't had the chance to try the OSSTMM tests from isecom but I've heard some good things about the work Pete et al are doing. When it comes down to it, find something that lights your fire and pursue it. The best training course or certificate in the universe isn't going to help you if the material bores you out of your mind and you don't constantly use what you've learned :)
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of cwright () bdosyd com au Sent: Tuesday, December 18, 2007 8:31 PM To: pen-test () securityfocus com Subject: Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Hi, My vote goes with SANS/GIAC. Take the GSE GIAC Platinum level tests and then you really are being tested. Having 20 something GIAC certs and most of the major other ones, I think I am rather unique in being able to compare these from experiance. In this, my money goes to the SANS GIAC ones. Regards, Dr Craig S Wright (GSE-Compliance) -------------------------------------------------------------- ---------- This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads -------------------------------------------------------------- ----------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- RE: GCIA, GSEC, GCIH, CISSP, CEH ???, (continued)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Ardian Silvano (Dec 18)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? mgk.mailing (Dec 19)
- Message not available
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Walter Cuestas (Dec 19)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Ferris, Joe (Dec 20)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Cristian Serban (Dec 20)
- Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Jim Clausing (Dec 20)
- RE: GCIA, GSEC, GCIH, CISSP, CEH ??? Chadha, Sachin (Dec 23)
- RE: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Erin Carroll (Dec 18)
- Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? infolookup (Dec 19)
- Re: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? xelerated (Dec 19)
- RE: RE: Re: GCIA, GSEC, GCIH, CISSP, CEH ??? Erin Carroll (Dec 19)