CREA – GPEN or GREM

Viewing 6 reply threads
  • Author
    Posts
    • #5259
      sil
      Participant

      So then summer is here and I am bored right now (this happens all the time.. boreDumb). I was thinking about taking the CREA because I know the instructors are “top notch” when it comes to reversing however, I’m skeptical about it. GREM and GPEN speak for themselves and although I have my personal qualms about anything GIAC for personal reasons… As the saying goes if you can’t beat em… Anyhow!?

      Still waiting on the results of the CISM which is a drag because it WILL take no less than 5 weeks (test was June12th) and I’m wondering what’s next… I *could* study for the CISA but that’s on the boring side. Think *rubiks cube”… Which would you do, GPEN, GREM or take a chance with the CREA.

      I’m actually hoping I can avoid all of those and waiting for validation on “Assured Exploitation” (http://trailofbits.com/2010/02/25/assured-exploitation-training/) from Sotirov and Dovi this year… I *may* bother Pete Herzog to see when he plans on doing the OPSA/OPST round my parts… If you had your choice of the three mentioned (GPEN/GREM/CREA) though, which would you recommend and why.

    • #33337
      Anonymous
      Participant

      Having recently taken the GREM course. I can personally tell you that it is excellent. Lenny Zeltser is very knowledgeable and also has an engaging teaching style. I will not rehash, the topics covered in the course, suffice it say that it covers all types of malware.

      Looking at the topic listing for the CREA, it appears to me that the CREA and GREM are very similar, however since I have not taken it I cannot specifically speak to it. One thing to note though is that it appears the CREA is an exam and certification only, they do not seem to provide training. You may be able to take the GREM course and then certify on both the GREM and CREA.

      Which you should do next out of the certifications that you list really depends on your professional goals and/or your interests.

      If you ahve any specific questions on the GREM course, I would be happy to tey to answer them for you.

    • #33338
      sil
      Participant

      Bane, don’t know what’s next for me. I just want to expand. Pentesting is something I’ve done for quite a while before it became a hot topic. My logic with GREM, CREA is to learn more about the other aspects of security from the reverse engineering standpoint to mesh it with pentesting experience.

    • #33339
      dynamik
      Participant

      From what I know about you, I think the GPEN course would be a waste for you. However, it’s hot and looks good on a resume. You should do what I did and just challenge it. You don’t get any course materials, but you do get two practice exams to gauge areas where you may need improvement. I did the exam in about an hour and ended up with a 91. I also skipped the lab exercises because the lag was unbearable, and those were about 1/3 of the questions I got “wrong.” I’d say it falls in between the CEH and OSCP in terms of technical difficultly. I know your knowledge/skills crush mine, so you should be able to pass that exam in your sleep.

      I don’t have any personal experience with it, but there’s a teaser of GREM material here: http://vimeo.com/9474345 I don’t think there’s any question that the courses are quality; it’s just whether or not you already know the material.

    • #33340
      sil
      Participant

      @dynamik wrote:

      I know your knowledge/skills crush mine, so you should be able to pass that exam in your sleep.

      Nah no way bro.. Come on you and PaulBoz have been mopping the floor with me while I’ve been lallygagging between CCIE on and CCIE off retardation. I hear they *may* rename some of the SANS testing centers to Dynamik Boz Testing Centers πŸ˜‰

      To be honest with you, dynamik… There are a lot of cool people @ TExams and I admire the work and effort put into passing tests. Me… I’m pure technical and don’t care for books πŸ™ ADHD … Two weeks ago, I was amped… CISM I SWORE I would take my time this time. With 4 hours I finished in like 1:05 and I seriously took my time πŸ™ I even decided “No … Know something not going to do this again… Let me re-check my answers…” 5 minutes later I got bored. I was actually anxious to go home and play with my Juniper SA πŸ™ I suck at exams because I’m too confrontational and am always debating some of the answers since they make little “real world” sense.

      πŸ™ I need to play by the books and remember “the answer is what they want it to be” not what I know to be true. In the interim, I forgot about the SANS challenges… I need to spend 3k by November (company paid) so I want to do something worthwhile. GPEN I mentioned just to keep in tune with pentesting… To be honest though I’ve never even needed the cert on interviews, etc. its more or less 1) appeasing management, 2) boredumb 3) why not… eventually I do learn… 4) I like to annoy with 10+ acronyms on my business cards.

      Maybe I should slow down on the certs up the ante and go to either NYU, Polytechnic or something… RPI told me “we h8 you never apply here!” πŸ˜€ Hows that for slackerness/education. So now I’m in need of more puzzles πŸ™ Challenges… More technical exams! Hence me always studying for the CCIE. My avg on written floats at about the 94% range πŸ™ The lab scares me… Besides the cost of the lab is pretty pricey to be failing… I could get by telling the powers that be in my company “So what I failed… I’m like 8 for 9 with one failed CISM that I don’t care for” The cost of the CISM and others pale in comparison to failing the CCIE lab. Pimping “passed CCIE written” means nothing πŸ˜‰ and no, I won’t go CCENT, CCNA, CCSP, CCIE Security, why bother if my core focus is CCIE(S). Might as well go hard!

      1 1/2 Year Game plan (maybe) … GPEN||GREM||CREA (will decide soon), JNxxx (because much of my work nowadays is on SSG, SRX, SA), CISA (to annoy), ISRM.

    • #33341
      former33t
      Participant

      I haven’t taken GREM so I can’t speak to that (yet).Β  Although I am getting ready to challenge it so I can mentor a course in my area.Β  I did pass the CREA after taking the accompanying InfoSec Institute course.Β  InfoSec and IACRB have the same type of relationship as SANS/GIAC (just so you know).

      Several people I work with have taken the GREM course and some of us have taken the InfoSec course.Β  I’ve had a chance to look at the material for both.Β  The GREM seems to focus a LOT on dynamic analysis and not much on actual reversing.Β  The CREA does require you to reverse engineer a binary.Β  That being said, the InfoSec course sucked.Β  The material was not QC’d like I see at SANS courses.Β  The only thing that kept the course going was the knowledge of the contract instructor (who was clearly disappointed with the state of the material).

      The people I work with that went to the SANS course can’t come back and do reverse engineering.Β  The people who attend the InfoSec course can at least hit the ground running (although they complain about the material).Β  Many of the InfoSec labs are centered on cracking, but I guess you are doing RE when cracking an application.Β  The rest of the course is largely based on the “Reversing” book you can buy on amazon.

      If you have the money, I’d do the SANS course.Β  Neither course will really teach you reversing but the SANS course is better structured.

    • #33342
      dynamik
      Participant

      @sil wrote:

      Nah no way bro.. Come on you and PaulBoz have been mopping the floor with me while I’ve been lallygagging between CCIE on and CCIE off retardation. I hear they *may* rename some of the SANS testing centers to Dynamik Boz Testing Centers πŸ˜‰

      Maybe in terms of putting letters behind our names, but I don’t think that is representative of overall technical knowledge. You had a detailed learning path for penetration testing written and published when I was just getting started out, so I’m going to have to respectfully disagree with you with there. I’m flattered you don’t consider me a total noob though :p

      @sil wrote:

      To be honest with you, dynamik… There are a lot of cool people @ TExams and I admire the work and effort put into passing tests. Me… I’m pure technical and don’t care for books πŸ™ ADHD …

      I totally understand. Honestly, I just chase after certs because they force me to learn things that I may not normally go out of my way for. They’re just a challenge and a way to verify that I’ve retained a small amount of knowledge in whatever subject. Plus, if I learn something, I might as well pad the resume whenever I can.

      I feel the ADHD pain as well. I’m lucky if I can get through a paragraph or two without my mind wandering πŸ™

      @sil wrote:

      Two weeks ago, I was amped… CISM I SWORE I would take my time this time. With 4 hours I finished in like 1:05 and I seriously took my time πŸ™ I even decided “No … Know something not going to do this again… Let me re-check my answers…” 5 minutes later I got bored. I was actually anxious to go home and play with my Juniper SA πŸ™ I suck at exams because I’m too confrontational and am always debating some of the answers since they make little “real world” sense.

      πŸ™ I need to play by the books and remember “the answer is what they want it to be” not what I know to be true.

      Ah, ISACA exams, making (ISC)2 exams appear to be straight-forward. I took the CISA on the same day. I couldn’t stand to look at that material anymore, no way was I staying around longer to check my answers. That’s the only exam I’ve taken that I am legitimately concerned about. The CISSP wasn’t easy, but I left cautiously optimistic. With this one, it was like, “What’s the greatest risk? Being set on fire, or having an artery severed?” You could spend all day making arguments either way. I tear the questions apart on exams like those as well.

      @sil wrote:

      In the interim, I forgot about the SANS challenges… I need to spend 3k by November (company paid) so I want to do something worthwhile. GPEN I mentioned just to keep in tune with pentesting… To be honest though I’ve never even needed the cert on interviews, etc. its more or less 1) appeasing management, 2) boredumb 3) why not… eventually I do learn… 4) I like to annoy with 10+ acronyms on my business cards.

      Like I said, I really don’t see you getting a lot out of the GPEN. Any interest in web app or wireless pen testing? The web app one actually falls under their “programming” umbrella, and the guys at the office who have taken both thought the GWAPT was more intense. The wireless one (GAWN) looks insane; I believe that’s the highest level course that they offer a certification for. Also, if you just want to learn and aren’t too concerned about getting letters behind your name, don’t forget that SANS offers a lot of courses that don’t have corresponding certifications.

      Here are a few that seemed fun:

      709 – Developing Exploits for Penetration Testers and Security Researchers
      567 – Power Packet Crafting with Scapy (short course)
      558 – Network Forensics

      A full list is here: http://www.sans.org/security-training/courses.php

      Also, what about OffSec’s OSCE?

      @sil wrote:

      Maybe I should slow down on the certs up the ante and go to either NYU, Polytechnic or something… RPI told me “we h8 you never apply here!” πŸ˜€ Hows that for slackerness/education. So now I’m in need of more puzzles πŸ™ Challenges… More technical exams! Hence me always studying for the CCIE. My avg on written floats at about the 94% range πŸ™ The lab scares me… Besides the cost of the lab is pretty pricey to be failing… I could get by telling the powers that be in my company “So what I failed… I’m like 8 for 9 with one failed CISM that I don’t care for” The cost of the CISM and others pale in comparison to failing the CCIE lab. Pimping “passed CCIE written” means nothing πŸ˜‰ and no, I won’t go CCENT, CCNA, CCSP, CCIE Security, why bother if my core focus is CCIE(S). Might as well go hard!

      1 1/2 Year Game plan (maybe) … GPEN||GREM||CREA (will decide soon), JNxxx (because much of my work nowadays is on SSG, SRX, SA), CISA (to annoy), ISRM.

      Yea, that sounds like that should keep you busy. I used to try to plan this stuff out far in advance, but I’ve found that I never stick to it. Like you, I’m kind of fickle about some of these things, and even if I have the perfect plan, something new and interesting always seem to come out of the blue, and my path totally changes. Now I just line up the next challenge and worry about what’s next only after I’m done with that.

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright Β©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?