EH-Net

As we do with most ethical hacking certifications, we are dedicating an entire Forum Board to GPEN. Below is a link to the GPEN page here on EH-Net including my comments at this point in time, some more info from the SANS web site and a quote from Ed Skoudis.

http://www.ethicalhacker.net/content/view/180/3/

Here's a taste:



Off we go...

Don

This looks like it will be a great course. Is this what they've changed the name to from what they were originally calling the 'GCEH'? Any particular reason they strayed away from that? Perhaps to avoid confusion?

I will be attending the first run of the course @ Tysons', I will post my comments after that. I am looking forward to another class with Ed. :)

Excellent! Thanks a lot, I look forward to your feedback.

cool,
let us know how it goes

Wish I was going...not even that far from me either.    >:(

I also await your feedback.

If you want more info directly from SANS/GIAC:

http://www.sans.org/info/25034

Don

This sounds like a really great course. After the webinar with Ed Skoudis the other day on the Windows command-line stuff, I called up SANS to get more information about this course (and some others).

They told me about this really cool offering called 'FlexPass.' If you (or a group) are looking to purchase multiple On Demand courses, you can receive a pretty significant discount.

http://www.sans.org/ondemand/flexpass.php (http://www.sans.org/ondemand/flexpass.php)

Billv
The validitiy of the pass is one year, it takes time to clear off one sans course, I wish if they can extend this to at least two years.

I am interested on this course and how it compares with the heros.net/offensive security courses. would it be uptodate with the latest trends? how much cool is the handson? and how practical is it in real life?

I will wait for vijay2 feedback, hope you enjoy it any way, take a powerful laptop, and stay away from windows vista if you are going to use vmware intensively

How do you guys think that this course compares with the C|EH/ LPT courseware from the EC-Council?

if you know anyone with access to the GIAC list that very question was asked.  i didnt read the posts because i dont care, SANS material is way better than EC-Council but maybe someone else that has access will summarize for you.

So you would recommend the GPEN cert over the EC-Council stuff?

You should try to talk to other ethical hackers/IT people in your community. Find out which cert is more highly regarded in your local area, and go for that one.

For the benefit for all the readers, here is what Ed Skoudis had to say, quote ..

To help you understand how it differentiates from CEH, I put together this list of bullet points:


This SANS course differs from other penetration testing and ethical hacking courses in several important ways:
• We get deep into the tools arsenal, with numerous hands-on exercises that show subtle, less-well-known, and undocumented features that are incredibly useful for professional penetration testers and ethical hackers.
• The course discusses how the tools inter-relate with each other in an overall testing process. Rather than just throwing up a bunch of tools and playing with them, we analyze how to leverage information from one tool to get the most bang out of the next tool.
• We focus on the workflow of professional penetration testers and ethical hackers, proceeding step-by-step discussing the most effective means for conducting projects.
• The sessions address common pitfalls that arise in penetration tests and ethical hacking projects, providing real-world strategies and tactics for avoiding these problems to maximize the quality of test results.
• We cover several timesaving tactics based on years of in-the-trenches experience from real penetration testers and ethical hackers, actions that might take hours or days unless you know the little secrets we'll cover that will let you surmount a problem in minutes.
• The course stresses the mind-set of successful penetration testers and ethical hackers, which involves balancing the often contravening forces of creative "outside-the-box" thinking, methodical trouble-shooting, carefully weighing risks, following a time-tested process, painstakingly documenting results, and creating a high quality final report that achieves management and technical buy-in.
• We also analyze how penetration testing and ethical hacking should fit into a comprehensive enterprise information security program.

Hope this helps. I post more once i come back from the course.

What's your experience with hacking? Whether it's none, just for fun and learning, experienced, etc. I know you posted an intro post somewhere, but I haven't found it yet.

Nevermind, I found your post. I would recommend taking the CEH v6 course at HH. You will enjoy it. If the CEH instructor is as good as the LPT instructor, you're in for a great course and you're sure to learn a lot. This course will open your eyes to a lot of different things and provide you with a good baseline of knowledge to expand your skills on in the future.

Well finally I am back from the awesome class and as promised I will put my review/comments in a day or 2.

Hey vijay2,

It was a pleasure meeting you this week and hanging out in Ed's world of pure imagination.

Yes... that's right. I was in the first offering of Ed's new course with vijay2. I am doing a full review article on this course very similar to what I have done with my CISSP (http://www.ethicalhacker.net/content/view/176/24/) and CEH (http://www.ethicalhacker.net/content/view/73/24/) reviews. After composing, fact checking, blah blah blah, it should be out before the end of the month. The working title is:

"Ed Skoudis and the Pen Testing Factory"

I'll keep you posted,
Don

I'm really looking forward to hearing about it! :)

Seconded ;)

should be an interesting read