Penetration Testing mailing list archives
RE: Security Certifications for SOC team
From: "Craig S. Wright" <craig.wright () Information-Defense com>
Date: Wed, 4 Mar 2009 12:39:01 +1100
SANS and GIAC do not require that you take all of the courses. There are exam challenges available. These cost a good deal less if budget is an issue. They are also a way of vetting people you may want to hire. I know that this is a cost, but if a person is not certified and going for a position and you want to hire them, what is the better option: 1 Hire them and possibly make a mistake (costing a good deal) 2 Have them take a test (and lose $899 max). Next, the instructors do vary. I have lead a couple classes here in Au (mentor for AUD507) and plan to do some more later this year. The formats also include CBT and mentoring other than the 6 days in a row. As for vendor ware - having nearly 30 of the SANS certs completed, I can categorically state that the only vendor related material is that which is necessary. For instance, the Windows security courses are Microsoft focused. As for a requirement to go to the training, I will speak up. I have challenged around 65% of the certificates. The training is great, but there is no way that I can give up 10 weeks a year average for it. Also think down the track. Even if you have challenged the exam, when you re-certify you get the material - and not at conference rates. Having taken course from many of those listed in the emails, I stand by SANS being one of the best. I still have not seen another with the depth of SEC709 (Steve Simms) for creating exploits. ... Dr. Craig S Wright GSE-Malware, GSE-Compliance, LLM, & ... Information Defense Pty Ltd -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Andre Gironda Sent: Wednesday, 4 March 2009 3:42 AM To: pen-test () securityfocus com Cc: Scott; Alcides; John Perea Subject: Re: Security Certifications for SOC team On Mon, Mar 2, 2009 at 11:39 PM, Scott <opiesan () gmail com> wrote: Scott,
Wow, didn't mean to ruffle your feathers Andre. I meant that SANS doesn't bias towards any equipment/software vendor during their training. I see your point about SANS being a vendor when it comes to training, but frankly, who isn't? If you're paying a company to provide training of course they're going to focus on their own offerings above others. I'm taking the Offensive-Security training now and while it's much more hands on than my SANS classes were they haven't mentioned other training organizations either. I don't fault them for it because I'm not paying them to tell me who else I should train with. I'm paying them to provide their training to me. It's true SANS doesn't seem to mention many of the other resources you pointed out and perhaps they should change that. I'm sure if a student asked that question during training the instructors would provide whatever information they could but I doubt it would be included in the training materials unless there was a strong push from their "customer base" via the course review system.
Fail me if I'm wrong, but I always believe that training/marketing/whatever material should cite their sources and credit the original author(s) and source material.
One small point of correction regarding your comment above "SANS works fairly exclusively with InGuardians for instructors". SANS is a huge organization with a large instructor pool. It's true that many of their highest profile instructors are from InGuardians but I believe they were SANS instructors before they formed the company (Skoudis, Poor, Wright to name a few). Many, if not all of them, were/are handlers for the ISC. There are plenty more instructors representing a broad spectrum of the industry and not from InGuardians. I don't want to beat a dead horse or come off as a SANS fanboy, just wanted to make that correction. It's unfair to the rest of the great instructors to lump them into a small group like that.
A very valid point/correction, however I was specifically referring to "pen-testing" training and mentioned several application security and incident handling boutiques that are alternatives to InGuadians and SANS for those specific subject matters Certainly SANS does have many instructors for their other classes from a wide variety of organizations across the industry. I plan on making more corrections to this thread and providing a summary via an official source somewhere, possibly in coordination with SANS. Apologies to any for the confusing and potentially incorrect language that I've used. No harm ; No fowl [sic foul] (feathers ruffled). Cheers, Andre
Current thread:
- Re: Security Certifications for SOC team Scott (Mar 03)
- Re: Security Certifications for SOC team Andre Gironda (Mar 03)
- RE: Security Certifications for SOC team Craig S. Wright (Mar 03)
- <Possible follow-ups>
- Re: Security Certifications for SOC team Miller Grey (Mar 03)
- Re: Security Certifications for SOC team Andre Gironda (Mar 03)
- Re: Security Certifications for SOC team Michael Condon (Mar 04)
- Re: Security Certifications for SOC team Andre Gironda (Mar 03)
- Re: Security Certifications for SOC team FS (Mar 10)
- Re: Security Certifications for SOC team Andre Gironda (Mar 03)