I'll second the GCIA. I can't speak for the content of ECSA, but learning potential from GIAC is quite high compared to what I've seen from CEH. The live classes are definitely worth attending if you or your employer is able to fork over the cash for the event.
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security Current Goal: CCSE Continuous Education Plan: AWS-SAA, OSCP, CISM Book/CBT/Study Material: Max Power
i don't have ECSA, so I'll tell you about GCIA instead. It's SANS "IDS" class. You'll learn a lot of great techniques and cool skills like reading packets in hex (to understand IOCs as the sensors do), packet crafting (to test sensor rules), secure network architecture design (for sensor placement), packet capture and analysis tools: tcpdump, Wireshark, and silk (to observe traffic patterns), and of course how to operate bro and snort (the sensors!).
All that said i vote GCIA (completely unbiased right?). SANS training is some of the best you'll find in the security sector. Also, GCIA specifically has better market share as mentioned above. The one negative, and it's the same for all SANS/GIAC stuff, is the price of entry. It's steep for an individual (~$6000 for training +$700 for test when bundled with training); that's what Danielm7 was referring to when he mentioned cost.
SANS SEC503 focuses specifically on network intrusion detection, at least for the most part. To be a good security analyst, it's very helpful to have working knowledge of Windows/Linux and other generalist security knowledge as well as a basic understanding of web apps. It all comes together when you're tracking incomings on the radar. The word "context" is key here.
I have obtained lots of useful information here, which has helped me in the decision making process towards a career in IT security.
After recently completing the CompTIA Security+, I’m ready to take the next step.
I’m planning to go for CEHv9 then ECSAv9, as a stepping stone towards my ultimate goal of OSCP.
I have read a lot of negatives reviews regarding EC-Council. It’s difficult to determine if the negativity is aimed towards EC-Council as an organisation or if it includes the course content also, in particular the newer v9 courses.
I have not found much information regarding ECSAv9, outside of EC-C. However, I do like the idea of pen testing then submitting a report as an added challenge, before being eligible for the exam.
I have also looked into the GIAC route, but as I’m self-studying, it’s a tad out of my price range.
If anyone can share their experiences, particularly regarding ECSAv9, such as if it met your expectations or not, I would be grateful. Also, comments regarding any other points raised above would be most welcome.
E Double USenior MemberMemberPosts: 2,182■■■■■■■■■■
GCIA gets my vote.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS2022 goal(s): CRISC, AWS Certified Cloud Practitioner"You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
Hello,
I’m planning to go for CEHv9 then ECSAv9, as a stepping stone towards my ultimate goal of OSCP.
I have read a lot of negatives reviews regarding EC-Council. It’s difficult to determine if the negativity is aimed towards EC-Council as an organisation or if it includes the course content also, in particular the newer v9 courses.
I have not found much information regarding ECSAv9, outside of EC-C. However, I do like the idea of pen testing then submitting a report as an added challenge, before being eligible for the exam.
I have also looked into the GIAC route, but as I’m self-studying, it’s a tad out of my price range.
If anyone can share their experiences, particularly regarding ECSAv9, such as if it met your expectations or not, I would be grateful. Also, comments regarding any other points raised above would be most welcome.
Given price is a concern, you may also want to check out eLearnSecurity's courses. You can try their sample demos and they do have a Xmas Promotion. They also have "Elite PenTester bundle", "4 in a box", "All Access Pass" promotion. Their certs are not as well known as GIAC or CEH, but a couple of us are using eLS as a intermediate step to OSCP
Depends on how much money you have available. ECSA is reasonably priced but GCIA has more respect in the industry. That said, if you are just looking to kill time and continue learning, do ECSA. If you want a career changer/improver, I say to GCIA. GCIA though will cost around 6k if out of pocket. See if your employer will pay for it. EC-Council also recommends you have a CEH or equivalent knowledge before taking ECSA so maybe consider doing CEH if you don't have that cert yet.
Agreed - As mentioned, I'll be starting things off with CEH before moving onto ECSA.
I now have a good idea and general insight of what's involved.
My understanding is that CEH will give me the fundamentals (theory) of EH and ECSA get the chance to apply it.
Comments
- ECSA: 35 hits
- GCIA: 790 hits
Bottom line: ECSA won't do much for you unless it is required by the employer, and I doubt you'll come across anyone that will demand it.
Current Goal: CCSE
Continuous Education Plan: AWS-SAA, OSCP, CISM
Book/CBT/Study Material: Max Power
All that said i vote GCIA (completely unbiased right?). SANS training is some of the best you'll find in the security sector. Also, GCIA specifically has better market share as mentioned above. The one negative, and it's the same for all SANS/GIAC stuff, is the price of entry. It's steep for an individual (~$6000 for training +$700 for test when bundled with training); that's what Danielm7 was referring to when he mentioned cost.
My first post to this forum, so go easy
I have obtained lots of useful information here, which has helped me in the decision making process towards a career in IT security.
After recently completing the CompTIA Security+, I’m ready to take the next step.
I’m planning to go for CEHv9 then ECSAv9, as a stepping stone towards my ultimate goal of OSCP.
I have read a lot of negatives reviews regarding EC-Council. It’s difficult to determine if the negativity is aimed towards EC-Council as an organisation or if it includes the course content also, in particular the newer v9 courses.
I have not found much information regarding ECSAv9, outside of EC-C. However, I do like the idea of pen testing then submitting a report as an added challenge, before being eligible for the exam.
I have also looked into the GIAC route, but as I’m self-studying, it’s a tad
If anyone can share their experiences, particularly regarding ECSAv9, such as if it met your expectations or not, I would be grateful. Also, comments regarding any other points raised above would be most welcome.
I just posted a short http://www.techexams.net/forums/ec-council-ceh-chfi/123986-ecsa-review.html#post1065606
Given price is a concern, you may also want to check out eLearnSecurity's courses. You can try their sample demos and they do have a Xmas Promotion. They also have "Elite PenTester bundle", "4 in a box", "All Access Pass" promotion. Their certs are not as well known as GIAC or CEH, but a couple of us are using eLS as a intermediate step to OSCP
I'll check out the mentioned courses also.
Good luck with
I now have a good idea and general insight of what's involved.
My understanding is that CEH will give me the fundamentals (theory) of EH and ECSA get the chance to apply it.