Good News, SANS Increases prices again!

Comments

    beads Member Posts: 1,531
    UnixGuy wrote: »
    @TechGromit & @Beads : we're talking about GCIH here right?

    An emphatic yes. I found GCIH to be little more challenging than, say, GSNA or CEH. The methodologies are sound enough, but having worked heavily with LightCyber Magna, Damballa, SentinelOne and, throw in Cybereason on the NBAD/MAD side alone, I rarely bother to look at SIM, SIEM or other log collectors. I use the PICERL method all day long.

    I rely on tools like a PDF dumper, OllyDbg, even Bugzilla to do my effective hunting. The rest feels pretty old school. I don't rely on A/V signatures or static analysis without something tabulating and doing dynamic analysis in the background.

    Besides these tools generally give me months of tabulated analysis to work with.

    Still, it's best to learn maths without a calculator. Learn to do the analysis the hard way, first.

    Better tools. Better results.

    - b/eads