.

Training Conundrum

<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Sun Jan 13, 2013 10:51 pm

Training Conundrum

So I am looking at what to pick for training this year, provided we have a budget for it.  I am torn between a few SANS courses, 2 of which do not have any GIAC certs associated but provide some much needed information.  Those would be SEC575 (mobile security) and 579 (Virtualization/Private Cloud).  575 would benefit my current role at the company.  579 peaks my interest much more because I love me some virtual machines and the architecture behind a properly implemented solution.  As for the cert paths I was looking at SEC501 (Adv Sec Essentials), mostly to formalize my training as a defender. The other option was FOR610 (malware analysis), main goal is to get more formal training on this topic which has been an ongoing self-study effort.

So do I go for the straight up informational training?  Or go for a cert path?  Any choice will help the company really.  I am the only technical/architecture security guy, so increasing my knowledge helps improve things as a whole.  Though if I was to go completely selfish, I would choose FOR610 for both the experience and the cert.  SEC579 would be a close 2nd.

Any thoughts?
Certs: GCWN
(@)Dewser
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Jan 14, 2013 8:10 am

Re: Training Conundrum

Only you knows the answer 3xban!

Do you have a pretty secure job? If it's the case, you don't need certs in the short term... You may be better going for a class that would help you and your employer (it will also be easier to get them to pay for the class...).

Do something you like, regardless of the cert. You must have seen by now how we, on the offensive side, praise the Offensive Security courses. We all know here that their certs are extremely valuable, but as far as I am concerned, the industry has yet to recognize them. Basicaly, being OSCP certified doesn't help you get through HR, but it helps you big time when it is time to do the real work...

So just focus on getting better at something you like. Your reputation and skills are far more valuable than certs.

And yeah, do CISSP when you have a chance...  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Mon Jan 14, 2013 12:16 pm

Re: Training Conundrum

I did consider the CISSP, I should just bite the bullet and go for it.  Figure get the week boot camp and hammer out the test.  Although, if I do the self study, I can probably get them to pay for the exam and then I will have extra training money left and use that for a content rich course of some sort.

I just lack peers to discuss these types of topics with locally.  In my group I am the technical lead for most of the InfoSec projects and operational stuff.
Certs: GCWN
(@)Dewser
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Jan 14, 2013 12:32 pm

Re: Training Conundrum

I self studied for CISSP. Here's what I did: http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6675.msg35858/#msg35858

But you don't have to do it now. I was joking a bit in my previous post...  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Mon Jan 14, 2013 12:38 pm

Re: Training Conundrum

3xban wrote:So I am looking at what to pick for training this year, provided we have a budget for it.  I am torn between a few SANS courses, 2 of which do not have any GIAC certs associated but provide some much needed information.  Those would be SEC575 (mobile security) and 579 (Virtualization/Private Cloud).  575 would benefit my current role at the company.  579 peaks my interest much more because I love me some virtual machines and the architecture behind a properly implemented solution.  As for the cert paths I was looking at SEC501 (Adv Sec Essentials), mostly to formalize my training as a defender. The other option was FOR610 (malware analysis), main goal is to get more formal training on this topic which has been an ongoing self-study effort.

So do I go for the straight up informational training?  Or go for a cert path?  Any choice will help the company really.  I am the only technical/architecture security guy, so increasing my knowledge helps improve things as a whole.  Though if I was to go completely selfish, I would choose FOR610 for both the experience and the cert.  SEC579 would be a close 2nd.

Any thoughts?


Do what genuinely interests you. I agree with doing the CISSP as it seems to be a necessary evil. I have been putting it off for a while now.
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Mon Jan 14, 2013 8:58 pm

Re: Training Conundrum

Go for 8570-type certs especially the CISSP. The way I see it, the high-level certs are going to improve your re-hire chances if you lose your job (never say never) or want to move on. These will get you past HR. your current job experience will land you a job with the manager in your next interview... But you have to get past HR first. Since your current employer is willing to foot the bill, expand your HR fodder.
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Mon Jan 14, 2013 9:34 pm

Re: Training Conundrum

And Thomas makes a valid point.  I actually had a recruiter contact me about a gig 8 minutes from my house (current commute is 1 hour).  Of course I said hell yeah (well not really I was reserved) and sent my updated resume over.  But because I didn't have "GSEC or CISSP" my resume was a little light.  Though I don't believe he actually read the resume or understood half the stuff on it.  Told my last boss about that he was a bit shocked.  I moved on and told the recruiter well if he doesn't find someone or the choice doesn't work out, give me a call.  Then said to myself, I don't want my next boss to be that type of manager.

But either case, if I decide to go into freelance consulting, clients will want to see something like a CISSP on my credentials, so it is like a necessary evil.

Thanks for the input guys! 
Certs: GCWN
(@)Dewser
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Jan 15, 2013 11:17 pm

Re: Training Conundrum

I don't see the need for a course for the CISSP. The material is so dry that it's just going to go in one ear and out the other after you get a few hours into it. It's best to take the slow-and-steady approach with a book and regular review. The actual exam is almost more about interpreting the questions correctly than it is about security, so maybe you could omit studying if you have stellar analysis skills ;)

If you're looking for resume-building certs for a job change, browse job boards and see what's hot. GSEC is popular, but it's kind of generic, and there are a lot more people with those than any other GIAC cert. The GCIH seems to be the next most popular, and that one actually has some teeth to it. The 501/GECD material is also pretty solid. I've seen a majority of the books because I've written some exam questions for that one. Again though, check the job boards and see what the demand for that one is. I would suspect you'd find that one to be very useful for your day-to-day role, but relatively weak for career changes.

Regarding the mobile and virtualization courses, you can certainly pimp those on LinkedIn and your resume. Both of those are important technologies that pretty much everyone uses, and stating that you've had a SANS course on the subject is only going to help your cause. Although, I'd view those more along the lines of icing on the cake, as opposed to major attention-getters that help you get your foot in the door. I'd put those off until you've got resume fodder under your belt. 
The day you stop learning is the day you start becoming obsolete.
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Thu Jan 17, 2013 10:48 pm

Re: Training Conundrum

Thanks man, I appreciate the input.  It is tough, I am basically in a generalist role at the moment.  Unless we add more technical staff, I will probably remain their until I burn out or decide to hunt for another opportunity.  I really do enjoy building out architectures, so long as I get to get my hands dirty a little.  But the current corporate setup doesn't always allow for that.  GCIH would benefit me, that part of my job I enjoy as well.  Unfortunately I don't have all the nifty testing sandboxes that the cool kids have.  So again, limited in what I am able to do.  So do it all!  But we won't give you the tools or time to do it.  oh well decisions decisions.  Maybe I'll use the thinking time and strengthen my coding.
Certs: GCWN
(@)Dewser

Return to Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software