Re: Pen testing training / certification

[Jeantet Fields <jt () jeantet net>]

In-Reply-To: <4017106E.3000808 () infostruct net>

Hey Gideon,

I took Redvolution's Ethical Hacking and Pen Testing class this past November, in DC.  The class wasn't so much an OPST 
cert course as an all-around Pen-Testing class, which mentioned OSTMM principles where relevant.  Kind of like the OPST 
cert was an afterthought, but definitely added value.

The class was about 60% labs, and nearly everything they talked about was backed up with live examples out on the net 
or in a test environment they set up in the class.

The students were an eclectic mix - foresic specialists, Net engineers, shady DOD characters etc.

In my opinion, the class is not for novices.  You should know IP networking like your birthdate, and have a solid 
understanding of Net topologies, equipment, and also some win32 and *ix OS if you want to get the most out of the 
class.  Put it to you this way, if you have a CCNA, you'll be ok.  In addition to the lead instructor, they had two 
backup instructors who helped the students one on one with labs.  The student / teacher ratio was 2:1. 

I would have been overwhelmed by the amount of information and security tools presented in the class if not for their 
lead instructor - Taylor.  The guy's good.  He spent years at Verisign before starting this company.  He's probably one 
of the best instructors I've ever had.  In fact, I now teach Firewalls and Net security at NYU, and I've modeled my 
class and lectures on the way this guy teaches.

I highly recommend these ReD guys.  (they also throw a pretty good party after the last class ;-)

bounce me an e-mail if you have any more questions.

./j


> Received: (qmail 24493 invoked from network); 28 Jan 2004 22:51:09 -0000
> Received: from outgoing2.securityfocus.com (205.206.231.26)
>  by mail.securityfocus.com with SMTP; 28 Jan 2004 22:51:09 -0000
> Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
>       by outgoing2.securityfocus.com (Postfix) with QMQP
>       id D57DE91E6D; Wed, 28 Jan 2004 09:46:46 -0700 (MST)
> Mailing-List: contact pen-test-help () securityfocus com; run by ezmlm
> Precedence: bulk
> List-Id: <pen-test.list-id.securityfocus.com>
> List-Post: <mailto:pen-test () securityfocus com>
> List-Help: <mailto:pen-test-help () securityfocus com>
> List-Unsubscribe: <mailto:pen-test-unsubscribe () securityfocus com>
> List-Subscribe: <mailto:pen-test-subscribe () securityfocus com>
> Delivered-To: mailing list pen-test () securityfocus com
> Delivered-To: moderator for pen-test () securityfocus com
> Received: (qmail 12806 invoked from network); 28 Jan 2004 01:53:45 -0000
> Message-ID: <4017106E.3000808 () infostruct net>
> Date: Tue, 27 Jan 2004 20:29:18 -0500
> From: "Gideon Rasmussen, CISSP, CFSO, CFSA, SCSA" <gideon () infostruct net>
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
> X-Accept-Language: en-us, en
> MIME-Version: 1.0
> To: pen-test () securityfocus com
> Subject: Pen testing training / certification
> Content-Type: text/plain; charset=us-ascii; format=flowed
> Content-Transfer-Encoding: 7bit
>
> I am considering the OPST certification from ReDvolution Technologies. 
> It is based on the Open Source Security Testing Methodology Manual - 
> OSSTMM (http://www.isecom.org/projects/osstmm.shtml).
>
> Has anyone taken their applied penetration testing course 
> (http://www.thinkingred.com/index.php?module=ContentExpress&func=print&ceid=23&redi=training_sub2.jpg)? 
>
>
> I would appreciate hearing about your experiences. Thank you.
>
> Gideon
>
> Gideon T. Rasmussen
> CISSP, CFSO, CFSA, SCSA
> Boca Raton, FL
> gideon () infostruct net
>
>
>
> ---------------------------------------------------------------------------
> ----------------------------------------------------------------------------

---------------------------------------------------------------------------
----------------------------------------------------------------------------