
GXPN and GSE

McNinja Member Posts: 22
I was looking for opinions on the GXPN and the GSE - the GXPN would essentially serve as training for the OSCP that I plan to take in or around August, and the GSE seems like a much more involved (and expensive) CISSP, which is probably understating it a bit. Are those two worth the money/time investments? I would definitely be taking classes for each cert I would have to obtain.

Comments

  • OctalDump Member Posts: 1,722
    I read an article just today about the GSE, and they described it as a 'trophy' certification. Basically, if you have all the skills and knowledge to get the GSE, then you are already massively skilled and have high level certifications (the GIAC required ones plus likely more), and you are probably just doing the GSE for the challenge.

    GXPN is another matter, though. It is a high level certification in a sub speciality. I'd say if your aim is OSCP, then there are cheaper and easier routes. The GXPN appears to be harder than the OSCP from what I've read about both. But if you have the money, why not?
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • Robicus Member Posts: 144
    Hi McNinja,

    The GSE is like the grand-daddy of SANS certs-- definitely not a CISSP equivalent. There are pre-requisites that need to be satisfied prior to applying for the GSE:

    1. GSEC
    2. GCIH
    3. GCIA

    Two of these three certs must be gold. There are a few substitute routes as well.

    Here's some additional information:
    GIAC Information Security Expert | GSE Certification
    What's Next? eLearnSecurity's eCIR

    MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
  • TechGromit Member Posts: 2,156
    OctalDump wrote: »
    Basically, if you have all the skills and knowledge to get the GSE, then you are already massively skilled and have high level certifications (the GIAC required ones plus likely more), and you are probably just doing the GSE for the challenge.

    I think the GSE has value if you have a lot of GIAC certifications. Passing the GSE automatically renews all your GIAC certifications. If you have 5 or more GIAC certifications, you could spend a considerable amount of time and money keeping all of them current. So once you obtain the GSE, just by paying $399 every four years and passing the exam, you save the number of GIAC certifications you possess times $399, not to mention the time investment involved to renew each GIAC certification separately.
    Still searching for the corner in a round room.
  • Robicus Member Posts: 144
    TechGromit wrote: »
    I think the GSE has value if you have a lot of GIAC certifications. Passing the GSE automatically renews all your GIAC certifications. If you have 5 or more GIAC certifications, you could spend a considerable amount of time and money keeping all of them current. So once you obtain the GSE, just by paying $399 every four years and passing the exam, you save the number of GIAC certifications you possess times $399, not to mention the time investment involved to renew each GIAC certification separately.

    +1

    That's a great point! Definitely a huge benefit.

    There's a bit of a kicker, though. Unlike other SANS certs that allow you to submit CPEs, you have to re-take the GSE exam every 4 years to renew it. I believe you just have to re-take the multiple choice portion, not the hands-on part.

    Cheers,
    What's Next? eLearnSecurity's eCIR

    MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
  • TechGromit Member Posts: 2,156
    Robicus wrote: »
    There's a bit of a kicker, though. Unlike other SANS certs that allow you to submit CPEs, you have to re-take the GSE exam every 4 years to renew it. I believe you just have to re-take the multiple choice portion, not the hands-on part.

    I believe I did mention that in my previous post; however, it makes me think of another problem. As the GSEC, GCIH, and GCIA exams are based on the SANS books, the GSE exam is based on all three, and if you do not pay the $399 re-certification fee for each of the three certs you do not receive updated books to study for your GSE exam. While it's possible to pass the exam without them, the prudent course would be to pay $1,200 to get updated materials in addition to the $399 GSE exam fee.
    Still searching for the corner in a round room.
  • OctalDump Member Posts: 1,722
    TechGromit wrote: »
    I believe I did mention that in my previous post; however, it makes me think of another problem. As the GSEC, GCIH, and GCIA exams are based on the SANS books, the GSE exam is based on all three, and if you do not pay the $399 re-certification fee for each of the three certs you do not receive updated books to study for your GSE exam. While it's possible to pass the exam without them, the prudent course would be to pay $1,200 to get updated materials in addition to the $399 GSE exam fee.

    I don't think that money or access to information is much of a problem if you've managed to get a GSE.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • SaSkiller Member Posts: 337
    Don't be so sure on the money side. I am a few GIAC certs away and was seriously considering a GSE attempt, but ultimately I don't think it's balancing out for me. I'd still have difficulty paying for the GSE, but more importantly, I don't know if the ROE is there. If I was in a different role, yeah, I'm sure I could spin it into more money, but I don't know. If I had it tomorrow I don't know how I would use it to benefit my career.
    OSWP, GPEN, GWAPT, GCIH, CPT, CCENT, CompTIA Trio.
  • McNinja Member Posts: 22
    Thanks for the answers guys. I currently hold zero GIAC certs, so starting from zero would be expensive on my end even if my company pays for one or two courses/certs. I am absolutely god-awful at self-study (but slowly getting better), so I will be taking the SANS courses for the main GSE certs, as well as the GPEN and the hands-on security class, which I think will prove incredibly beneficial based on what I've read, especially since I would like to try for the OSCP by the end of the year. If anyone has taken the course (SEC561) I'd love to hear what you have to say!

    As for the GXPN, that seems like a ways away for me - I've read that it's very close to the OSCE, so I'll save those challenges for 2017 :)
  • UnixGuy Mod Posts: 4,564
    I was wondering, why did you want to skip GPEN and go straight to GXPN?

    I'm looking at the course description of GXPN ... seems interesting!
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • McNinja Member Posts: 22
    UnixGuy wrote: »
    I was wondering, why did you want to skip GPEN and go straight to GXPN?

    I'm looking at the course description of GXPN ... seems interesting!

    I had considered skipping it because I already have the CEH, which I understood to be very similar. However, I feel that the added learning experience would be worth it (and the GPEN cert), especially since the GXPN is much more difficult than I originally thought, to the point that I'm beginning to feel that I could achieve the GSE before the GXPN.
  • UnixGuy Mod Posts: 4,564
    It does look intimidating! Was hoping to hear from someone who took the GXPN on how hard it is or how viable an option to taking it with just CEH type knowledge. It's meant to teach you some exploit development, but how much background does it assume I don't know.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • OctalDump Member Posts: 1,722
    If you are interested in pen testing and exploit development, then I'd recommend "Gray Hat Hacking The Ethical Hacker's Handbook". It gives a pretty good overview of everything, just enough to know what's involved if you start going down that path.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • docrice Member Posts: 1,706
    I've never looked into the CEH myself, but to my understanding it doesn't compare to taking SEC560 and the GPEN. At all.

    SEC660 bumps it up even more, and a co-worker of mine went through both. While the course description for 660 implies you don't need programming experience, his opinion was that's not the case.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • xXxKrisxXx Member Posts: 80
    Hey All,

    Just wanted to pitch in on this thread. Regarding the renewal of GIAC Certifications, this process has been changed and now won't cost you $399 per certification. Check out their new renewal methods below:

    How to Renew Your GIAC Security Certification

    Basically, paying $399 doesn't just help in renewing 1 certification, but if you have the CPEs backing you, you could potentially renew 2 or 3.

    Though I haven't taken the SEC561 course, I know they recommend it for people with the GPEN or who already have penetration testing experience. It's more of a hands-on course where 80% of the time is spent doing labs and breaking into things. The remaining 20% is spent on lecture and learning information. From what I've heard it's basically you using techniques you've learned in SEC560 to accomplish labs, plus there's a bit more course content that they didn't cover in SEC560. While it's good, I don't think this is one of the popular SANS courses. Usually people with GPEN certifications want to learn more and pick up another certification by taking on SEC660 (GXPN).

    OP, you may already know this but SEC660 won't serve as a good substitute for PWK (OSCP). The intentions involved in creating the SEC660 course were to move more into the realms of 'Advanced Penetration Testing'. They pretty much look at everyone in the class as already having a good amount of experience doing Network Based Penetration Testing. They kick it up a notch and teach you what you need to know to move from being a standard penetration tester (perhaps beginner/intermediate) to more of an 'Advanced' level. The course is intense, and the course author is brilliant. A lot of people compare it to the OSCE, but it actually has more content than CTP and is updated on more of a regular (2-4 times per year) basis. If you look at the CTP syllabus, the Cracking the Perimeters content hasn't even updated to Version 2 of the course. I e-mailed Offensive Security about this years ago and it was confirmed they have no plans on updating the material. I'm sure it's still a good course, but I've heard of some of it being a bit out of date (attacking Windows Vista, when you'd be attacking Windows 8 & 10 in SEC660, etc). To me, Offensive Security took the CTP material and got even more hardcore with the material in Advanced Windows Exploitation. In my opinion, maybe they don't update CTP because there'd be a bit of content overlap with some of AWE and their AWAE course. They're charging a fraction of the cost for CTP while AWE and AWAE sell out at Black Hat each year very quickly.

    I'll second having to know programming before you jump into a course like SEC660. I mean if you look at the course, Day 3 alone is committed to Python and Scapy. I highly recommend you look into the OSCP only if you have the will power and enough time to dedicate to learning in the lab environment. SEC560 (GPEN) does teach a similar curriculum to Penetration Testing with Kali (OSCP), but you'll be allowed longer time in the labs, they hit on topics not included in PWK like Wireless Penetration Testing, etc. You're going to learn so much in either course you pick. The PWK course is always going to have a special place in my heart.