.

eLearnSecurity vs. SANS GPEN

<<

eternal_security

Newbie
Newbie

Posts: 36

Joined: Thu Nov 13, 2008 10:35 am

Post Mon Nov 15, 2010 10:38 am

eLearnSecurity vs. SANS GPEN

Given the choice, if you could only take one of the two, would you take eLearnSecurity's Penetration Testing - Pro course, or the SANS 560 - Network Penetration Testing and Ethical Hacking course.  Why?

I have my C|EH and OSCP but was looking for one more course to supplement (aside from others from Offensive Security, which I'd also like to take).  Part of the reason I am looking at these is that my boss would also like to take a course (I'm recommending PWB from Offensive Security, but he is also looking at SANS).  It would be great if I could get comments from those who have taken the eLearnSecurity and SANS courses to help in the decision process.

Thanks!

eternal_security
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Mon Nov 15, 2010 12:13 pm

Re: eLearnSecurity vs. SANS GPEN

I have taken reLearnsecurity's PTP course (submitted my report yesterday and waiting for the result). Though I haven't taken GPEN but I would still recommend GPEN over PTP.

PTP is more like a beginner to intermediate level course. They give you enough information about network, system and web app. pentesting but not make you an expert in any one particular area. The one module I really enjoyed in PTP was web application security, but then again, it doesn't teach you everything.

Since you've your OSCP I think you are already past the intermediate stage. I've heard some great things about GPEN and based on the reviews, it appears to be an advanced pentest course, something which suits your profile.
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Mon Nov 15, 2010 5:13 pm

Re: eLearnSecurity vs. SANS GPEN

Though I haven't taken SANS 560 course I've taken PTP like Equix3n. [@Equix3n - I submitted mine on the 11th hope I did well.]

I'm backing up Equix3n when he says, "Since you've your OSCP I think you are already past the intermediate stage." Taking and passing the PWB course puts you at a higher level than PTP's Network and Systems Security sections (as of their current version in the course) - their Web Application Security section taught me some new things.

I've heard tons of positives from the 560 class. I hear Ed's a terrific instructor. If your boss is willing to pay for a seat in it, consider yourself very privileged! Hopefully a couple GPEN's give you some feedback!

-Kris
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

T_Bone

Full Member
Full Member

Posts: 199

Joined: Sat Feb 21, 2009 7:11 am

Post Mon Nov 15, 2010 5:38 pm

Re: eLearnSecurity vs. SANS GPEN

I haven't taken the SANS 560 but managed to get on the SANS 504 (Hacker Techniques, Exploits & Incident Handling) as a facilitator 2 years ago and would recommend the SANS 560 if you have the budget.
<<

eternal_security

Newbie
Newbie

Posts: 36

Joined: Thu Nov 13, 2008 10:35 am

Post Mon Nov 15, 2010 9:44 pm

Re: eLearnSecurity vs. SANS GPEN

Thank you all for the feedback.  I took the SANS GSEC course several years ago, and it was just ok (i was also very distracted at the rik time, as the company I worked for was being acquired).  Also gave heard very god things about Ed Skoudis and the SANS 560 course; I was just going to get some additional opinions. From the "advertising," the eLearnSecurity course sounded really god, and I like that they seem to (or claim to) lay down a pretty solid methodology, as well  as focusing on writing a good report. But you all know, advertising can be a little exaggerated.  thanks again for the input. I feel a lot better informed to make recommendations to my boss.

Kind regards,
eternal_security
<<

hungrymind

Newbie
Newbie

Posts: 14

Joined: Thu Sep 10, 2009 6:30 pm

Post Sun Nov 28, 2010 7:27 pm

Re: eLearnSecurity vs. SANS GPEN

Hi,

Sorry to butt in, but since I am currently enrolled in elearnsecurity's PTP course, I thought I would throw my 2 cents in.

Upon first glance at the eLS PTP course, I was extremely excited. I was glad to see they covers network security and system security as well and not just web app security.

Now, with me being more than halfway through the web app security portion, I must say, the English is erroneous and confusing (I am sympathetic as I know English is not the instructor's first language. However, it was unacceptable that I had to go to various external resources to fill in the missing gaps). Second, there is no chatroom where students can converse with other students. Apparently it is on its way, but it's been some time now and we have not received an update. A chatroom cannot be that hard to implement (there is already a forum). Thirdly, and this bugs the hell out of me, there is no direct line of communication between instructor (or other instructors) and student. At present, I can email a support-line email, which does not guarantee a reply, or I can contact the instructor via the forum, again, without guarantee of a reply. I finally received a reply to one of my questions and that was after waiting several days. At present, the eLS course feels more like a very expensive slideshow. I'm almost afraid to submit my pen-test report, because I feel like I am missing something  :(

Some of you will think my review is unduly harsh, but I honestly believe that it is precisely this criticism that will inspire improvements. The trouble is that would-be instructors cannot just throw brain dumps up on a site and charge for access, there needs to be interactivity, you need to be there for your customer/student to answer any question that may arise (because what is the difference between this and a book or video learning). We pay our fees and expect that there will be an instructor there to help us when we get stuck.

Now, with all that said, the course is slated to be updated sometime soon. Again, nobody has set a date, so can't say when that is, only "soon". So perhaps the update will address all my concerns. Guess I'll have to wait and see.

Thanks for listening to my review.

hungrymind
<<

eternal_security

Newbie
Newbie

Posts: 36

Joined: Thu Nov 13, 2008 10:35 am

Post Mon Nov 29, 2010 10:23 am

Re: eLearnSecurity vs. SANS GPEN

hungrymind wrote:Hi,

Sorry to butt in, but since I am currently enrolled in elearnsecurity's PTP course, I thought I would throw my 2 cents in.

Upon first glance at the eLS PTP course, I was extremely excited. I was glad to see they covers network security and system security as well and not just web app security.

Now, with me being more than halfway through the web app security portion, I must say, the English is erroneous and confusing (I am sympathetic as I know English is not the instructor's first language. However, it was unacceptable that I had to go to various external resources to fill in the missing gaps). Second, there is no chatroom where students can converse with other students. Apparently it is on its way, but it's been some time now and we have not received an update. A chatroom cannot be that hard to implement (there is already a forum). Thirdly, and this bugs the hell out of me, there is no direct line of communication between instructor (or other instructors) and student. At present, I can email a support-line email, which does not guarantee a reply, or I can contact the instructor via the forum, again, without guarantee of a reply. I finally received a reply to one of my questions and that was after waiting several days. At present, the eLS course feels more like a very expensive slideshow. I'm almost afraid to submit my pen-test report, because I feel like I am missing something  :(

Some of you will think my review is unduly harsh, but I honestly believe that it is precisely this criticism that will inspire improvements. The trouble is that would-be instructors cannot just throw brain dumps up on a site and charge for access, there needs to be interactivity, you need to be there for your customer/student to answer any question that may arise (because what is the difference between this and a book or video learning). We pay our fees and expect that there will be an instructor there to help us when we get stuck.

Now, with all that said, the course is slated to be updated sometime soon. Again, nobody has set a date, so can't say when that is, only "soon". So perhaps the update will address all my concerns. Guess I'll have to wait and see.

Thanks for listening to my review.

hungrymind


Thanks for the feedback, hungrymind.  Honestly, I find feedback like this most helpful.  I agree, it stands to help bring about positive changes, and it also helps someone like myself better evaluate the available options.  Knowing now what you've said, I would definitely look more toward the SANS 560 than the eLearnSecurity course, unless some of the issues have been or will be corrected by the time I sign up.  It also gives me a better basis for recommending one over another for my manager.  So again, thank you.  This information has been very helpful.

Kind regards,
eternal_security
<<

hungrymind

Newbie
Newbie

Posts: 14

Joined: Thu Sep 10, 2009 6:30 pm

Post Wed Dec 01, 2010 1:22 am

Re: eLearnSecurity vs. SANS GPEN

Hi eternal_security,

Thanks for the nice reply. I am glad I could shed some insight as one who is currently taking the eLS course.

To provide an update, I am still waiting for the lead instructor, Armando, to return two of my inquiries.

I also want to point out that there are absolutely no refunds. Which can be hard to swallow for many (as often times we sign up for something thinking it is one thing but turns out to be not what you had expected/needed/required).

I require very detailed step-by-step explanations and access to an instructor (even if only via email and/or chat). And so far, I am struggling with both of these issues.

Thanks for listening to my review. Again, glad it helped.

Best regards,
hungrymind
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Sat Dec 04, 2010 5:36 am

Re: eLearnSecurity vs. SANS GPEN

Since I've heard some "strange" things in this thread I thought I'd take the time to clarify something.

Forum is the place where *every* issue with the course can be addressed.
When I say *every* I mean that if you post any question about the course content me and the other instructors are there to respond.

This is quite funny to hear when you have other similar courses just tell you "try harder".

Refunds are usually not allowed because:
  • We are the only that give a free FULL module as a demo so you can take a look at how things work in eLearnSecurity, before spending $599 that is still the lowest price for such a course
  • We are the only that gives you the possibility to pay in 3 installments and cancel any time

Hundreds of other students have proficiently taken our course and passed our exam without any need to study elsewhere. Beside english bugs are being fixed this very week, none of these have prevented these hundreds of students from successfully passing our exam.

Thanks
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Sun Dec 05, 2010 10:47 am

Re: eLearnSecurity vs. SANS GPEN

I have done both the OSCP and the GPEN. The GPEN compliments the OSCP quite well. The OSCP is just 'raw power'. While the GPEN is more refined :).

The GPEN covers a lot of the business aspects and this is one area where the OSCP falls short.
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Dec 06, 2010 4:58 am

Re: eLearnSecurity vs. SANS GPEN

I agree with Dark_Knight, GPEN complements OSCP quite well. In addition to the business aspect, GPEN also covers "attacking from the Windows platform" and many other things that the PWB course doesn't address.

I personally took the PWB course before trying GPEN and found that I have picked to proper order!

@Armando: I agree with you, "Try Harder" may helped sometimes, but this is often not funny to read this kind of reply... On the other hand, the Offensive-Security folks always respond very quickly, usually within a couple of hours.

While I wouldn't expect the instructors to be available night and day, 365 days a year, I would expect to get a reply back within 5 hours during business hours and maybe within 15 hours during the weekend and at night (when we study!).

At present, I can email a support-line email, which does not guarantee a reply, or I can contact the instructor via the forum, again, without guarantee of a reply. I finally received a reply to one of my questions and that was after waiting several days.

Armando, what would you say is the typical reply time frame for your courses?

Finally, I sent emails to other training companies. Some are very fast to get back to you (and then never let go...) and others seem to ignore you. Somewhere in the middle would be fine!  ;)
Last edited by caissyd on Mon Dec 06, 2010 5:06 am, edited 1 time in total.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Tue Dec 07, 2010 4:35 am

Re: eLearnSecurity vs. SANS GPEN

Ok, Let's say our response time is from 15 minutes (from my BlackBerry), to 12 hours if I'm in a training session.

Let's try to consider that ours is a self paced course and that we provide instructor support for free and at our best effort. 

Moreover for technical issues we also have a chat system directly with me or my staff. This time it's 0 minutes delay.
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Dec 07, 2010 7:50 am

Re: eLearnSecurity vs. SANS GPEN

Thanks Armando for the clarification.

It must be difficult to work so much on a product and have people make critics on little things like email response time. But on the other hand, students can sometime spend hours running in the wrong direction. They also get frustrated, hence little conflicts here and there!

Thanks again Armando for the clarifications. I am also considering your course.
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Armando

User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Wed Dec 08, 2010 10:07 am

Re: eLearnSecurity vs. SANS GPEN

I definitely understand my students needs for quick responses.
I'm also thinking of providing classes of service so that more demanding students can get faster response times.
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers
http://www.elearnsecurity.com

Founder of HACK.ME Free community based web app security virtual labs
https://hack.me
<<

rabray

Newbie
Newbie

Posts: 38

Joined: Mon Nov 01, 2010 2:41 pm

Post Fri Jan 14, 2011 8:07 pm

Re: eLearnSecurity vs. SANS GPEN

At the moment I am working on the elearnsecurity course. Thus far I have enjoyed my own personal experience of this mode of learning.

My main challenge is usually fitting in the time, I am glad that you get plenty of time to focus in on the relevant learning outcomes for the assessment.

Then I can follow up on the other knowledge domains with the life time access to content which I have enrolled in.

The communication via the forum for me has so far been effective. When I have had a question, often another more experienced student will respond and an Instructor may contribute, which is good also in a way to have another effective part of learning, contribution and interaction of peer learners.

Armando has provided me with a confidence to know that any question I have will be answered, hopefully I will be able to understand and learn from that answer, sometimes that part requires more work from me. Fair enough.

Like most forums I have ever used in the past there is a delay in terms of response time but this is the norm from my experiance of online distance learning options. I would highly suggest, if like me you have time constraints on your amount of CPD time you can spend, you will want to make sure you account for this in terms of your own learning plan.

Hope these comments assist anyone who is curious about the course. If anything I have said is not clear enough feel free to pm me if you have any questions.
---------------------------------------
CEH, eCPPT, MCT, MCSA, MCDST, A+, Net+

Never been the flamin type.

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software