Re: Career Advice

[Dan <xxsegfaultxx () gmail com>]

I've never taken a single SANS course, so i cannot compare but i can tell you this. The Offensive Security course is 
practical. It requires you to connect to labs and practice your skills. Also the exam consists of a series of hosts you 
must exploit within a 24 hour period. There are not multiple choice questions here.

This is then followed up with a report of your findings. If the report isn't detailed enough, you can fail. 


On Mar 21, 2013, at 9:17 AM, Brian Seel <brian.seel () gmail com> wrote:

> I am proud to say that I am working on setting up a blog (want to do it with Dango instead of using a plug and play 
> blog to hopefully work on my Web knowledge which is in adequate). Thanks yo you guys for motivating me to do that.
>
> I am taking sans 560 this week (found out my employer had an extra seat and jumped on it). How does that compare to 
> the Os course?
>
> On Mar 21, 2013 8:16 AM, "Dan" <xxsegfaultxx () gmail com> wrote:
> One thing that I can't recommend enough is the training from Offensive Security. The reason I like this training/cert 
> is that not only do you learn the tools and techniques of how to conduct a pen test, you also need to show it in a 
> practical exam.
>
> This also includes the most important element of pen testing…the reporting. You could be the most elite kernel hacker 
> but if you can't document findings to a variety of people (technical and non techicanl) you've wasted a lot of time.
>
> http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/
>
>
>
>
> On Feb 23, 2013, at 12:07 AM, Brian Seel <brian.seel () gmail com> wrote:
>
> > Note: I am trying to keep this email vague so it is generic for posterity's sake. I am trying to not make the 
> > question specific to my situation so others can use your advice.
> >
> > =========
> >
> > So long time listener (pre Ep 100) who has been doing computer security related things for the last four years or 
> > so since college. I would really like to break into the pentesting arena, but I really like my current day job for 
> > a variety of reasons (pay definitely not being one of them).
> >
> > Basically, I would really like to do commercial pentesting on a part time basis, where I take a week or two off 
> > from my day job every few months and try to gain experience in the commercial realm and get my feet wet with a 
> > different way of approaching computer security. Within the next year I would love to leave my day job and do 
> > pentesting full time, but I dont feel confident enough just yet. As a bit of background, right now I am doing some 
> > Metasploit dev for my employer, but I am not able to do an end to end pentest.
> >
> > My question is if you have any advice about the best way to try to get a part time pentesting job. I am not under 
> > any illusion that trying to do pentesting part time is not going to be an easy sell. I know that, but I think my 
> > unique skill set will make *someone* want to take a flier on me. But, considering that most of you are probably 
> > pentesters, or in fields closely related, what would make you want to take someone on in a part time basis. Or is 
> > there really no case where you would consider that?
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom () mail pauldotcom com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com