Excellent write up BillV

Anyone in this forum have experience running splunk against 25-50 TBs of log data? I'm just wondering if it can handle that and how many separate servers you might have to spin up.

The most important point of the article: If you think a cert will make you a star you are 100% wrong. I agree with silxp that the focus should be on learning the content well and not what a cert gets you. Also another point I like, which was kinda hinted at. Don't make your certification selection based on trendiness or job boards, you should think out your career path first to make sure you align your certification goals correctly.

I think there is definitely interest, but since this is an already crowded niche for certification, it may just be that nobody has taken the course yet. I know the SANS and Mandiant courses are very popular in this area.

that quote is hilarious!

Just what we need another piece of beta software running on the interweb ....
No seriously, why can't ANY developer deliver a browser that runs in a complete sandbox with a normal browsing experience. For some reason, they designed web content with need to access your system either with user privileges or system privileges that most 3rd party software runs as. UGH :-(

On a side note, anyone play around with Checkpoint's Forcefield? Its pretty cool, but breaks many java apps.

NO DOUBT, there are tons of "legit" companies walking around simply running a va scan and handing them a stock report. What a joke and nobody knows any better. As long as the box gets checked. I once had some idiot at an unamed company tell me that their pentest was only running firewalk from the outside. Apparently firewalk was their magic bullet for security.

I think a one man pen test shop could only cater to really small businesses. Anything bigger and your gonna want a whole team, with a few guys that specialize in various areas. I've thought about that idea, as far as doing it on the side. As long as you can line up customers and provide value, why not.

Also, between SANS and the Infosec Institute, which one has more hands-on activities? And do either use Core-Impact and/or Canvas during the class?

GREAT IDEA!!!!

In its current form, I do not believe the CEH provides any value. I studied for a week and passed it easily. My complaints about it, are that it is too much focused on tools and options of said tools. Knowing that a tool exists and how to use it, is nothing special IMHO. I wouldn't call the CEH a pen testing cert either. Its more like hacking tools 101.

Congrats on your new adventure! At least you can say you no longer work for the "man" now. This forum and the con have really taken off due to your hard work and it looks like things will only get better

Cool, thanks for the info. I will checkout both of those books at the store to figure out which one to buy online.

Is that Webgoat thing on the OWASP site decent?

If you go the dd or dcfldd route, check the free tool from cert/cc for booting a dd image

http://liveview.sourceforge.net/

If FOG disappoints, you might consider just trolling the dealdump sites for awhile. This year I saw a Symantec bundle with Ghost for like 29.99. Yeah it sucks to pay, but your getting a reliable product.

Samurai,
I agree. I'm trying to build up my skillset in this area, beyond just scanning and exploiting.

VJ,
Are there any instructors that standout? Just wondering as my past experience with SANS was heavily dependent on the which instructor you got. For example, the smaller SANS events usually don't get the A Team.

Anybody have a recommendation for a training class and/or book on Web App Hacking?

I was think about buying
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws