Re: [PEN-TEST] FW: [PEN-TEST] Forensic analisys and related training

[Alfred Huger <ah () SECURITYFOCUS COM>]

Hey Folks,

I have had a few people asking me to zorch the thread but I think I will
let it run given that training is an important aspect of this
field. However, let's not head down the 'is certification worth it' path
because we have beaten that one pretty soundly in the past.

In terms of SANS, I have actually heard about the anti @stake/L0pht rant a
few times although I am not sure if it was from people at the same class
or if it's a regular theme in Mr. Cole's instruction. Either way, it's
unfortunate. I am quite positive that the folks over at @Stake would have
enough class to keep their opinions to themselves when presenting to the
public, it's a shame Mr. Cole does not.

That being said SAN's courses are a pretty mixed bag with varied
instructors so I think it would be a mistake to judge them all from this.

Foundstone as was mentioned also has training available. Quite some time
ago I had a chance to view some of their instructional material and was
pretty impressed, alot of that knowledge seems to have made it's way into
their book which I also enjoyed. Like it was said earlier, all of these
courses give you a certain base, from there you need to learn on your
own. Formalized training in this field has yet to really mature so it's
expected that this is the case.

I personally am a big fan of Black Hat and Security USENIX. The content is
advanced and the people there are always interesting. Then of course there
are always places like the Pen-Test list :>



Alfred Huger
VP of Engineering
SecurityFocus.com