The value of GSE

Viewing 27 reply threads
  • Author
    Posts
    • #5651
      caissyd
      Participant

      The GIAC Security Expert (GSE) is, from what I understand, the hardest certification to obtain from SANS/GIAC. In order to get it, you have to earn several other certifications, including “gold” ones where you have to write research papers.
      http://www.giac.org/certifications/gse.php

      But if you look closely at the link above, it seems that only 22 individuals currently have this certification, compare to tens of thousands owning a “normal” SANS/GIAC cert. This is obviously a very big cert to have!

      But other than for personal knowledge, is it worth the time/money/effort? What if you put your energy on, let’s say, CEH/CISSP/CISA/GPEN/OSCP/CCNA? I know these certs serve different goals, but combined, they are probably as time consuming than GSE.

      It seems to me that, although owning a GSE (and all its sub-certifications) would be very good, having other certifications may be better for you because they are more “known” by employers.

      Obviously, it all depends on what is your goal with certs. But I think that for most of us, it is to help us find the job we want to do.

      What do you guys think?

    • #35548
      ziggy_567
      Participant

      I can tell you that the GSE is very valuable if you are going to be working as a Federal Gov’t contractor or as a Federal employee but probably doesn’t hold as much weight in the private sector.

      This is just speculation on my part, but I bet if you were to look into all the people that hold the GSE that they pretty much do already hold non-GIAC certifications like the CCIE/RHCE/CISSP/etc.

    • #35549
      caissyd
      Participant

      they pretty much do already hold non-GIAC certifications

      That is certainly true!

      But if you compare other certification paths, is it that valuable? Again, only 22 guys have it right now…

    • #35550
      mambru
      Participant

      SANS certs are very well respected in the government and private sector, so  no doubt it is valuable.

      The GSE can be achieved in different ways, therefore you have certain freedom to build your path according to your needs/wishes. However, these certs are more on the technical side, so if your pursuing a managerial position, maybe it’s not the best path.

    • #35551
      caissyd
      Participant

      @mambru: I understand GSE very well and indeed, it’s quite a achievement! But at the same time, it requires a fairely big chunk of your life. For a pentester for example, would it be better to follow another path?

    • #35552
      ziggy_567
      Participant

      For a pentester for example, would it be better to follow another path?

      In my opinion, yes, the GSE is not for someone that is pursuing a “specialist” career path such as pentester, forensic investigator, etc. etc. I see the GSE as a “generalist” certification. Although the certs that you must obtain in order to sit for the GSE are “specialist” certs, the overall body of knowledge that the GSE encompasses is pretty broad. So, I would see a GSE holder in more of a security architect type position than a Sr. Penetration Tester. Now, I’m not saying that studying for and passing the GSE precludes you from being a Sr. Penetration Tester, but the GSE certification will help you in a “generalist” career path more than a “specialist” career path.

      For what it’s worth, I am not speaking from any personal experience…I have not sat for the GSE and in fact do not even hold the pre-reqs…this is just my halfway informed opinion…

      I’d love to hear from a GSE holder if there is one on these forums.

    • #35553
      mambru
      Participant
      it requires a fairely big chunk of your life

      and a big chunk of your economy as well 😉

      I don’t agree with ziggy_567, IMHO GSE is a valid path for a Pen Tester. You could achieve it through certs like GPEN, GWAPT, GAWN, GREM which comprise essentials topics for a Pen Tester.

    • #35554
      ziggy_567
      Participant

      @mambru

      The pre-reqs for the GSE can be accomplished by primarily pentesting certs as you stated, but that doesn’t change the fact that the written/practical focuses mostly on the material from the GCIA/GCIH/GSEC tracks.

      As I said, a pentester could definitely obtain the GSE, but I think you get more bang for your buck with the GSE if you’re following a different career path.

    • #35555
      dynamik
      Participant

      I’ll be attempting this in 2011 with a (now ex-) coworker of mine. We’re starting to put a blog together with notes, lab setups, sample captures, etc. It’s mostly just rambling at this point though. I have a month or two of college classes I have to wrap up before I can commit a lot of time to it, but I’m going put an enormous amount of time into it starting in December or January. I’m pursuing this primarily because it’s 1) a challenge, and 2) once you obtain it, you can renew all your GIAC certs by passing the GSE written exam once every four years.

      Chris Mohan took a stab at it this year, and he’s posted some thoughts on his blog: http://www.chris-mohan.com I can only imagine how excruciating the 30-day wait would be, ugh…

    • #35556
      caissyd
      Participant

      This is all good guys, but no one seems to answer my main question! 😉

      Is it worth the effort compare to other certs?

    • #35557
      ziggy_567
      Participant

      Is it worth the effort compare to other certs?

      With all due respect, that is a very personal question!  ;D

      Like dynamik, I think it would be worth it for the challenge of it and the fact that I don’t have to renew ALL my GIAC certs. All I have to do is pass the written every four years.

    • #35558
      dynamik
      Participant

      @mambru wrote:

      it requires a fairely big chunk of your life

      and a big chunk of your economy as well 😉

      I don’t agree with ziggy_567, IMHO GSE is a valid path for a Pen Tester. You could achieve it through certs like GPEN, GWAPT, GAWN, GREM which comprise essentials topics for a Pen Tester.

      I missed this; that’s actually not true. The exam is structured around the GCIH and GCIA. Windows and Linux skills are also required with either the GSEC or both GCUX and GCWN. I wouldn’t necessarily call it a generalist certification, but it’s definitely focused on IA and IH and not pen testing. While you can substitute additional 500-level certifications for the required gold papers, it’s not going to change the focus of the exam even if you decide to do something like GPEN and GWAPT. That’s not to say that type of knowledge wouldn’t be useful on the exam, but again, it’s not the focus. There were rumors of a GSE for penetration testing that included GPEN, GAWN, and GWAPT, but I asked recently and was told there were currently no plans for it.

      @H1t M0nk3y wrote:

      Is it worth the effort compare to other certs?

      Honestly, probably not. The only times I’ve seen it mentioned on job applicant wish lists have been in a ridiculous context, such as, “GIAC or GSE certified.” Like you’ve observed, there have only been a couple dozen since it started in 2003. I’m doing it for personal reasons and because I want to feel like I’m part of an exclusive geek club 😉

      If you’re pursuing certifications because you want mass recognition, this probably isn’t the one to go after. I wouldn’t expected the masses who aren’t in-the-know (read: hiring managers) to even be aware of it, but they’d probably think you could walk on water if you told them you were a CCIE.

      Or, I’m just telling you that to discourage you to keep the numbers low. Who knows…? ::)

    • #35559
      mambru
      Participant

      @dynamik

      Please don’t misunderstand me.  I’m not saying GSE can be build upon pen testing certs exclusively, I know GSEC, GCIH and GCIA are the core for GSE, but you can include GPEN, GWAPT, GAWN, which are directly related to pen testers. And GSEC, GCIH and GCIA comprises the basic skills any security guy should have, even a pen tester.

      That’s why I think GSE is worth the effort, personally I don’t pursue certs because their renown, but because what they offer to teach me and skills I can acquire.

    • #35560
      caissyd
      Participant

      With all due respect, that is a very personal question!

      It is indeed a very personal question that you can answer anonymously through your nickname “ziggy_567 “…  😀

      Honestly, probably not. The only times I’ve seen it mentioned on job applicant wish lists have been in a ridiculous context, such as, “GIAC or GSE certified.” Like you’ve observed, there have only been a couple dozen since it started in 2003. I’m doing it for personal reasons and because I want to feel like I’m part of an exclusive geek club

      That’s the kind of answer I was looking for, thanks dynamik!

      That’s why I think GSE is worth the effort, personally I don’t pursue certs because their renown, but because what they offer to teach me and skills I can acquire.

      I agree with you mambru! I see two main advantages of certs in general:
      1) It is like a learning plan to help and guide me in a perticular field;
      2) It helps me tell recruters that I know a few things in the field.

      So for me GSE (and its “sub-certs”) :
      1) It is a huge learning plan, incredible for personal experience!!!
      2) Like dynamik mentioned, not a lot of people know about it.

      While for me, something like CEH/OSCP/CISSP/CCNA:
      1) It is a huge learning plan, incredible for personal experience!!!
      2) A lot of people know about them

      So you guys know where my heart belongs…  🙂

    • #35561
      What90
      Participant

      Hello H1t M0nk3y,

      A resounding YES to your question: Is the GSE worth the time/money/effort?

      I didn’t do it for the glory, fame or to get a pay rise. I did it to learn and wow, did I learn.

      I’m one of ziggy_567’s generalists, pretty much focused on the defensive side, but there are some super smart offensive guys that are GSE’s, so it is up to the person taking the exam to work out the personal value. The people taking the GSE with me were a very diverse group. The only real definition I would place on them is they are all driven, seasoned security professionals with a desire to test and push themselves.

      I’ve got a number of other qualifications and always on the lookout for inspiring trainers and courseware to make me want learn. The GSE is a long term goal, rather short to mid-term one, so by all means take and excel in CEH/CISSP/CISA/GPEN/OSCP/CCNA etc, but once you completed them it is great to have somewhere else to aim for, should that be the path you want to follow.

      As a career advantage, it definitely helps you stand out. If you’re going for a security role and the interviewer doesn’t know what a GSE is or says about your abilities, then I’d suggest you’re applying for the wrong role. Again this is a big picture, long term career certification.

      My simple analogy; this is a CCIE/MBA for the security industry that is recognised as hands on ability. SANS is market leader for corporate security education and for good reason, in my opinion, so this level of testing and certification isn’t for everyone.  Other companies may come along and offer similar levels of exams, and I hope they do, but the security industry needs to have clear examples for non-industry people to differentiate ability and knowledge.

      I know enough networking folk to realise that certs don’t make the engineer, it’s skill, knowledge, ability and experience that do. Practical exams test those four areas, so you prove firsthand that it’s not book or braindump smarts, and that’s praiseworthy in my book. The GSE has a soft skills component, so while it is a very technical exam, being a back office, exploit-coding god without impersonal skills means you’re likely to fail. It is vital to be a good, or even great, communicator as a security professional or your message fails on uncaring ears and you fail.

      Money is a big issue, but I’d say any taught education costs. Once someone else stops paying for your education, you really have to be motivated to expend time and energy never mind the money. SANS is focused toward companies and organisations willing to pay for good training, so hopefully work will pick up the tab for most of the training. If you’re doing this out of your own pocket, do what I did – apply as a SANS work study volunteer:  http://www.sans.org/security-training/volunteer.php

      I hope that lots of people step up and challenge the GSE exam, to better themselves, continually push the industry to keep current and give others something to aim for being. Like anything the more people that are GSE’s the more they’ll be in demand. Cisco’s CCIE program started in 1993, considered as one of the hardest exam certifications, has over 22 thousand certified CCIEs nearly twenty years on. You decide if this is due to people want to excel and prove their skills or market demand. Or both 🙂

      A minor correction to your original post, there’s 29 people who are GSEs – now 😉

    • #35562
      caissyd
      Participant

      Wow, thanks What90!!

      I didn’t know there was a GSE amongst the EH.net members. I appreciate the time you took to reply to my post.

      The GSE is a long term goal, rather short to mid-term one, so by all means take and excel in CEH/CISSP/CISA/GPEN/OSCP/CCNA etc, but once you completed them it is great to have somewhere else to aim for

      I understand now. GSE is something you consider once you have done many, many other things. So yes, it is worth it big time, but not when you start. The goal is simply too high when you are new to the IT security field. But as you said:

      The people taking the GSE with me were a very diverse group. The only real definition I would place on them is they are all driven, seasoned security professionals with a desire to test and push themselves.

      GSEs are all experienced guys (but I already knew that!).

      So again, thank you What90 for your answer to my questions. I understand the motivation now.

    • #35563
      ziggy_567
      Participant

      Wow! Congratulations!!!

      I have to say, too, that I really appreciate your blog, Chris! I won’t attempt the GSE for some time, but it is a long-term goal of mine.

    • #35564
      steven1664
      Participant

      This whole conversation got me interested in looking at DoD 8570 as far as the value of the GSE in the government sector.  I had to laugh when I saw the GCIH listed as a certification that will qualify someone for IAT Level III certified according to the government because also listed under the IAT Level III section…………….GSE.  Who writes these documents cmon the GCIH is held to the same standard at the GSE, do those people have any clue about certifications at all.  If they just looked at the website for three seconds about the GSE they would realize it is not just one test involved in it and that the GCIH is normally included in the track for GSE…..sorry I just needed to rant about our tax dollars at work.

    • #35565
      ziggy_567
      Participant

      I’m not trying to be a smart@55, but where would you have them put the GSE?

      Level III is as high as it goes. If GCIH qualifies you at level III, then GSE certainly would.

    • #35566
      steven1664
      Participant

      ziggy no offense taken.  I realized that when I wrote that post maybe it didnt come out the same way as I thought in my head.  I was just saying that I think it is dumb that GCIH qualifies someone at Level III.  If anything it should be at level 2.  GSE should definitely be level 3 it is a very hard time consuming process and costly process to get GSE certified.

      It just seems weird to me that according to 8570 GCIH and GSE are held essentially at the same level of expertise if you know what I am saying essentially they are looked at as carrying equal weight, because they both qualify you for the same level for the government.

      I was just saying that I thought that was really jacked up that GCIH was level 3 along with GSE since there may be different routes to get a GSE, but all of them require that you have the GCIH certification.

    • #35567
      What90
      Participant

      Hello H1t M0nk3y,

      I hope that over the next few years there will be a ever-growing number of EH-ers with the GSE to their names.

      Thanks ziggy_567, if I can help out with the ascent to the GSE, let me know 🙂

    • #35568
      hell_razor
      Participant

      steven1664 – I think the problem with your thinking on GSE being Level III, is that there are only 29 GSEs worldwide.  They have to fill more than 29 positions, so they have to have a fallback.  Perhaps a combination of a couple of certs would be more to your thinking, though?

    • #35569
      kevinmbong
      Participant

      Hey All,
      What90’s not the only GSE holder here.
      Though honestly I don’t browse the forums often. 

      In my opinion –
      If I were seriously job searching I would get the CISSP too, I think my resume hits the HR person’s cylindrical file pretty often because they don’t see CISSP and don’t know GSE.  I’m considering taking the CISSP in march for just this reason.  I have found if I make it past the stupid HR filter and have a chance to explain what the GSE is to the hiring manager it seems to give me a pretty strong leg up over other candidates.

      The other great thing about the GSE is it keeps all your other certs current. I just renewed all of my GIAC certs by taking one exam last month.

      Some other humble opinions –
      Cost wise, if you are starting from nothing I can see it would be pretty expensive.  If you already have the certs to qualify to sit for the test its definitely worthwhile.

      Difficulty-wise, its tough but very fair.  If you memorized the material but don’t understand it you’ll struggle.  If you understand what’s going on in each and every page of the GSEC, GCIH, and GCIA courseware, including the labs, then the GSE is something you can pass.  There’s an essay I put together at sans.edu with more info if you haven’t seen it :
      http://www.sans.edu/programs/gse_prep.php

      Kevin

    • #35570
      caissyd
      Participant

      Thanks bongk/Kevin for your post. I just  finished reading your essay and it gave me an idea on what GSE is all about.

      Now we have 2 GSE out of 29 on this forum. Anyone else?

    • #35571
      dougburks
      Participant

      I took the GSE exam along with What90 (Hey Chris!) and I would agree with everything he said.  I would also agree with bongk that you should get the CISSP as well. 

      In my case, I did the CISSP first (back in 2006) to go ahead and get it out of the way.  Then, I started working on my SANS certs.  I started with SANS 503: Intrusion Detection because that’s what I was most interested in at the time.  I then wrote a Gold paper for 503.  Since I knew I wanted to work towards the GSE and SANS 401: Security Essentials was the first prerequisite, I took it next.  Then, I took SANS 560: Penetration Testing and finally SANS 504: Incident Handling. 

      For those that are looking for ways of reducing the cost, I would suggest looking at the SANS Mentor program.  Not only is mentoring a great way of forcing yourself to understand the material at a deeper level, but they also have the Triple-8 program which allows you to qualify for free training. 

      To anyone who is considering the SANS GSE, you can do this!

    • #35572
      ziggy_567
      Participant

      @dougburks:

      Can you elaborate on the Triple-8 program? I’ve never heard of this…

    • #35573
      dougburks
      Participant

      Here’s the Triple-8 description from SANS:

      “Earn the “Triple 8 Award” by Teaching 8 students while Scoring 8.8 on Student Evaluations
      -Mentor a class with 8 students with scores above 8.8 and receive a complimentary SANS class via @Home, Mentor or OnDemand, including the GIAC certification!
      -Earn the award a second time and you get the option of a free SANS Conference Seat! (travel not included)
      -Agree to come back and teach additional Mentor class within 6 months of completing first class.”

      This definitely helps cover the cost of courses leading up to the GSE.  As I mentioned before, mentoring also forces you to learn the material at a much deeper level so that you can explain the concepts clearly to your students.

    • #35574
      Valkyrja
      Participant

      Some really good information in here and I am glad I stumbled back into this forum today. Thanks everyone.

Viewing 27 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?