.

CREA - GPEN or GREM

<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Thu Jun 24, 2010 2:05 pm

CREA - GPEN or GREM

So then summer is here and I am bored right now (this happens all the time.. boreDumb). I was thinking about taking the CREA because I know the instructors are "top notch" when it comes to reversing however, I'm skeptical about it. GREM and GPEN speak for themselves and although I have my personal qualms about anything GIAC for personal reasons... As the saying goes if you can't beat em... Anyhow!?

Still waiting on the results of the CISM which is a drag because it WILL take no less than 5 weeks (test was June12th) and I'm wondering what's next... I *could* study for the CISA but that's on the boring side. Think *rubiks cube"... Which would you do, GPEN, GREM or take a chance with the CREA.

I'm actually hoping I can avoid all of those and waiting for validation on "Assured Exploitation" (http://trailofbits.com/2010/02/25/assur ... -training/) from Sotirov and Dovi this year... I *may* bother Pete Herzog to see when he plans on doing the OPSA/OPST round my parts... If you had your choice of the three mentioned (GPEN/GREM/CREA) though, which would you recommend and why.
<<

Bane

Post Thu Jun 24, 2010 5:30 pm

Re: CREA - GPEN or GREM

Having recently taken the GREM course. I can personally tell you that it is excellent. Lenny Zeltser is very knowledgeable and also has an engaging teaching style. I will not rehash, the topics covered in the course, suffice it say that it covers all types of malware.

Looking at the topic listing for the CREA, it appears to me that the CREA and GREM are very similar, however since I have not taken it I cannot specifically speak to it. One thing to note though is that it appears the CREA is an exam and certification only, they do not seem to provide training. You may be able to take the GREM course and then certify on both the GREM and CREA.

Which you should do next out of the certifications that you list really depends on your professional goals and/or your interests.

If you ahve any specific questions on the GREM course, I would be happy to tey to answer them for you.
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Fri Jun 25, 2010 11:59 am

Re: CREA - GPEN or GREM

Bane, don't know what's next for me. I just want to expand. Pentesting is something I've done for quite a while before it became a hot topic. My logic with GREM, CREA is to learn more about the other aspects of security from the reverse engineering standpoint to mesh it with pentesting experience.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Jun 26, 2010 12:44 pm

Re: CREA - GPEN or GREM

From what I know about you, I think the GPEN course would be a waste for you. However, it's hot and looks good on a resume. You should do what I did and just challenge it. You don't get any course materials, but you do get two practice exams to gauge areas where you may need improvement. I did the exam in about an hour and ended up with a 91. I also skipped the lab exercises because the lag was unbearable, and those were about 1/3 of the questions I got "wrong." I'd say it falls in between the CEH and OSCP in terms of technical difficultly. I know your knowledge/skills crush mine, so you should be able to pass that exam in your sleep.

I don't have any personal experience with it, but there's a teaser of GREM material here: http://vimeo.com/9474345 I don't think there's any question that the courses are quality; it's just whether or not you already know the material.
The day you stop learning is the day you start becoming obsolete.
<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Sat Jun 26, 2010 5:47 pm

Re: CREA - GPEN or GREM

dynamik wrote:I know your knowledge/skills crush mine, so you should be able to pass that exam in your sleep.


Nah no way bro.. Come on you and PaulBoz have been mopping the floor with me while I've been lallygagging between CCIE on and CCIE off retardation. I hear they *may* rename some of the SANS testing centers to Dynamik Boz Testing Centers ;)

To be honest with you, dynamik... There are a lot of cool people @ TExams and I admire the work and effort put into passing tests. Me... I'm pure technical and don't care for books :( ADHD ... Two weeks ago, I was amped... CISM I SWORE I would take my time this time. With 4 hours I finished in like 1:05 and I seriously took my time :( I even decided "No ... Know something not going to do this again... Let me re-check my answers..." 5 minutes later I got bored. I was actually anxious to go home and play with my Juniper SA :( I suck at exams because I'm too confrontational and am always debating some of the answers since they make little "real world" sense.

:( I need to play by the books and remember "the answer is what they want it to be" not what I know to be true. In the interim, I forgot about the SANS challenges... I need to spend 3k by November (company paid) so I want to do something worthwhile. GPEN I mentioned just to keep in tune with pentesting... To be honest though I've never even needed the cert on interviews, etc. its more or less 1) appeasing management, 2) boredumb 3) why not... eventually I do learn... 4) I like to annoy with 10+ acronyms on my business cards.

Maybe I should slow down on the certs up the ante and go to either NYU, Polytechnic or something... RPI told me "we h8 you never apply here!" :D Hows that for slackerness/education. So now I'm in need of more puzzles :( Challenges... More technical exams! Hence me always studying for the CCIE. My avg on written floats at about the 94% range :( The lab scares me... Besides the cost of the lab is pretty pricey to be failing... I could get by telling the powers that be in my company "So what I failed... I'm like 8 for 9 with one failed CISM that I don't care for" The cost of the CISM and others pale in comparison to failing the CCIE lab. Pimping "passed CCIE written" means nothing ;) and no, I won't go CCENT, CCNA, CCSP, CCIE Security, why bother if my core focus is CCIE(S). Might as well go hard!

1 1/2 Year Game plan (maybe) ... GPEN||GREM||CREA (will decide soon), JNxxx (because much of my work nowadays is on SSG, SRX, SA), CISA (to annoy), ISRM.
<<

former33t

Full Member
Full Member

Posts: 226

Joined: Sat Feb 14, 2009 12:33 am

Post Sat Jun 26, 2010 7:10 pm

Re: CREA - GPEN or GREM

I haven't taken GREM so I can't speak to that (yet).  Although I am getting ready to challenge it so I can mentor a course in my area.  I did pass the CREA after taking the accompanying InfoSec Institute course.  InfoSec and IACRB have the same type of relationship as SANS/GIAC (just so you know).

Several people I work with have taken the GREM course and some of us have taken the InfoSec course.  I've had a chance to look at the material for both.  The GREM seems to focus a LOT on dynamic analysis and not much on actual reversing.  The CREA does require you to reverse engineer a binary.  That being said, the InfoSec course sucked.  The material was not QC'd like I see at SANS courses.  The only thing that kept the course going was the knowledge of the contract instructor (who was clearly disappointed with the state of the material).

The people I work with that went to the SANS course can't come back and do reverse engineering.  The people who attend the InfoSec course can at least hit the ground running (although they complain about the material).  Many of the InfoSec labs are centered on cracking, but I guess you are doing RE when cracking an application.  The rest of the course is largely based on the "Reversing" book you can buy on amazon.

If you have the money, I'd do the SANS course.  Neither course will really teach you reversing but the SANS course is better structured.
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Jun 26, 2010 8:34 pm

Re: CREA - GPEN or GREM

sil wrote:Nah no way bro.. Come on you and PaulBoz have been mopping the floor with me while I've been lallygagging between CCIE on and CCIE off retardation. I hear they *may* rename some of the SANS testing centers to Dynamik Boz Testing Centers ;)


Maybe in terms of putting letters behind our names, but I don't think that is representative of overall technical knowledge. You had a detailed learning path for penetration testing written and published when I was just getting started out, so I'm going to have to respectfully disagree with you with there. I'm flattered you don't consider me a total noob though :p

sil wrote:To be honest with you, dynamik... There are a lot of cool people @ TExams and I admire the work and effort put into passing tests. Me... I'm pure technical and don't care for books :( ADHD ...


I totally understand. Honestly, I just chase after certs because they force me to learn things that I may not normally go out of my way for. They're just a challenge and a way to verify that I've retained a small amount of knowledge in whatever subject. Plus, if I learn something, I might as well pad the resume whenever I can.

I feel the ADHD pain as well. I'm lucky if I can get through a paragraph or two without my mind wandering :(

sil wrote:Two weeks ago, I was amped... CISM I SWORE I would take my time this time. With 4 hours I finished in like 1:05 and I seriously took my time :( I even decided "No ... Know something not going to do this again... Let me re-check my answers..." 5 minutes later I got bored. I was actually anxious to go home and play with my Juniper SA :( I suck at exams because I'm too confrontational and am always debating some of the answers since they make little "real world" sense.

:( I need to play by the books and remember "the answer is what they want it to be" not what I know to be true.


Ah, ISACA exams, making (ISC)2 exams appear to be straight-forward. I took the CISA on the same day. I couldn't stand to look at that material anymore, no way was I staying around longer to check my answers. That's the only exam I've taken that I am legitimately concerned about. The CISSP wasn't easy, but I left cautiously optimistic. With this one, it was like, "What's the greatest risk? Being set on fire, or having an artery severed?" You could spend all day making arguments either way. I tear the questions apart on exams like those as well.

sil wrote:In the interim, I forgot about the SANS challenges... I need to spend 3k by November (company paid) so I want to do something worthwhile. GPEN I mentioned just to keep in tune with pentesting... To be honest though I've never even needed the cert on interviews, etc. its more or less 1) appeasing management, 2) boredumb 3) why not... eventually I do learn... 4) I like to annoy with 10+ acronyms on my business cards.


Like I said, I really don't see you getting a lot out of the GPEN. Any interest in web app or wireless pen testing? The web app one actually falls under their "programming" umbrella, and the guys at the office who have taken both thought the GWAPT was more intense. The wireless one (GAWN) looks insane; I believe that's the highest level course that they offer a certification for. Also, if you just want to learn and aren't too concerned about getting letters behind your name, don't forget that SANS offers a lot of courses that don't have corresponding certifications.

Here are a few that seemed fun:

709 - Developing Exploits for Penetration Testers and Security Researchers
567 - Power Packet Crafting with Scapy (short course)
558 - Network Forensics

A full list is here: http://www.sans.org/security-training/courses.php

Also, what about OffSec's OSCE?

sil wrote:Maybe I should slow down on the certs up the ante and go to either NYU, Polytechnic or something... RPI told me "we h8 you never apply here!" :D Hows that for slackerness/education. So now I'm in need of more puzzles :( Challenges... More technical exams! Hence me always studying for the CCIE. My avg on written floats at about the 94% range :( The lab scares me... Besides the cost of the lab is pretty pricey to be failing... I could get by telling the powers that be in my company "So what I failed... I'm like 8 for 9 with one failed CISM that I don't care for" The cost of the CISM and others pale in comparison to failing the CCIE lab. Pimping "passed CCIE written" means nothing ;) and no, I won't go CCENT, CCNA, CCSP, CCIE Security, why bother if my core focus is CCIE(S). Might as well go hard!

1 1/2 Year Game plan (maybe) ... GPEN||GREM||CREA (will decide soon), JNxxx (because much of my work nowadays is on SSG, SRX, SA), CISA (to annoy), ISRM.


Yea, that sounds like that should keep you busy. I used to try to plan this stuff out far in advance, but I've found that I never stick to it. Like you, I'm kind of fickle about some of these things, and even if I have the perfect plan, something new and interesting always seem to come out of the blue, and my path totally changes. Now I just line up the next challenge and worry about what's next only after I'm done with that.
The day you stop learning is the day you start becoming obsolete.

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software