Sans - gse

supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
I know this is not everyone's cup of tea but anyone in here actually got the GSE? Its on my roadmap to achieve in the next five years and I would like to talk with someone who has it. Thank you in advance!
Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
Current Goal: CCSE
Continuous Education Plan:​ AWS-SAA, OSCP, CISM
Book/CBT/Study Material:​ Max Power

Comments

  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    No one in TE has it yet
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    I stopped looking at the exam after SANS changed my requirements twice and the number of GSE's was still 60. Doubt its over 100 now. Unfortunately, the degree isn't fully accredited yet and we are awash in security certifications again. No one outside of the small security field recognizes the cert is what I am getting at. So unless you want to teach for SANS there doesn't seem to be much interest.

    - b/eads
  • iBrokeITiBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    beads wrote: »
    Doubt its over 100 now.

    Looks like they've been over that mark for a couple years now. 156, both active and inactive - https://www.giac.org/certified-professionals/directory/gse
    beads wrote: »
    Unfortunately, the degree isn't fully accredited yet

    The GSE isn't a degree, it's another cert and their website says otherwise about their degrees - STI FAQ
    beads wrote: »
    No one outside of the small security field recognizes the cert is what I am getting at. So unless you want to teach for SANS there doesn't seem to be much interest.

    ...or obtain their MSISE which the GSE is a requirement but yes, pretty accurate statement it seems.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops SANS Grad Cert: Incident Response
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    GSE is tough to get for most people due to the expense involved. For that much money it's a better overall bang for your buck to get a regular masters or doctorate degree somewhere. An MBA or JD, for example, opens doors at many companies and industries for the rest of your life. The GSE, not so much. The GSE is like getting a PhD in early 17th-century painters. Yes, expensive; yes, requires obscure in-depth knowledge that most people can't begin to understand; yes, can open doors in a very small market; yes, has lots of potential monetary payback since there are very few people who do it, but most people don't opt for a PhD in early 17th-century painters because, well, there are better places to spend your money that open more doors.....
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    @iBrokeIT;

    If your putting the FAQ up there for my benefit you have certainly succeed in wasting your time. Early on in the program I applied and was admitted. Went through 70% of the original coursework (if your reading really carefully here) and had the requirements change significantly. Time passed and got up to roughly the 60 percent of requirements completed (again) and they had to change the requirements again. Pushing a few of us back to do more remedial work in order to capture that regional certification.

    Blah. Simply became tired of chasing the capstone and the then ever changing requirements. I have a very well recognized MBA from a very prestigious school on the East coast. I stopped looked around and decided my career was not going to benefit from lifting SANS profile. If anything I maybe hurting my other credentials.

    As far as the number count goes. Clearly, your aspirations are greater than your ability to read and comprehend what it is I am saying. I STOPPED paying attention around 60 GSEs. That's all. The training is excellent but doesn't appear to mean much as far as my ability to secure or retain work. For those folks who have passed and wish to keep recertificating (sp?) more power to them.

    Personally, I no longer see the personal (that is to myself) the benefit. When the cert and degree programs were new - yes. I saw some benefit. Today? No, not so much but that's a personal decision, isn't it?

    YMMV

    - b/eads
  • iBrokeITiBrokeIT Member Posts: 1,318 ■■■■■■■■■□
    beads wrote: »
    @iBrokeIT;

    If your putting the FAQ up there for my benefit you have certainly succeed in wasting your time. Early on in the program I applied and was admitted. Went through 70% of the original coursework (if your reading really carefully here) and had the requirements change significantly. Time passed and got up to roughly the 60 percent of requirements completed (again) and they had to change the requirements again. Pushing a few of us back to do more remedial work in order to capture that regional certification.

    I wasn't challenging you on the requirements changing, that link is to the specific STI FAQ question about receiving regional accreditation which your post seemed to contradict when you said the "degree isn't fully accredited yet". Perhaps I should make a pathetic comment about your ability to click a link, read it and comprehend it since that is the direction you are taking this discussion. icon_rolleyes.gif

    Edit: You seemed to have taken what I said as a personal attack and that wasn't my intent so accept my apologies if that is the case.
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM  | GSE | GCFA

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops SANS Grad Cert: Incident Response
  • TechGromitTechGromit Member Posts: 2,156 ■■■■■■■■■□
    I know this is not everyone's cup of tea but anyone in here actually got the GSE? Its on my roadmap to achieve in the next five years and I would like to talk with someone who has it. Thank you in advance!

    Number 17 works for the company I work for. If you have a specific question about the GSE I can ask him.
    Still searching for the corner in a round room.
  • supasecuritybrosupasecuritybro Member Posts: 206 ■■■■□□□□□□
    TechGromit wrote: »
    Number 17 works for the company I work for. If you have a specific question about the GSE I can ask him.

    That would be very kind. I'll pm you tomorrow. Got a few things to do today.
    Completed: CISSP, GPEN, GWAPT, CCSA R80, eJPT, CySA+, M.S. Information Security
    Current Goal: CCSE
    Continuous Education Plan:​ AWS-SAA, OSCP, CISM
    Book/CBT/Study Material:​ Max Power
  • RobicusRobicus Member Posts: 144 ■■■□□□□□□□
    Hi all,

    This might sound a bit funny coming from someone who doesn't hold the GSE, but... I'm currently enrolled in the MSISE program. Which means that I'm actively pursuing the GSE. I have a couple of colleagues at work who hold it, and some of my classmates are scheduled to take the hands-on portion next month. I can also dig some information up if anyone is curious.

    I can also provide information on the master's program as well!
    Cheers,
    What's Next? eLearnSecurity's eCIR

    MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
  • quogue66quogue66 Member Posts: 193 ■■■■□□□□□□
    I will be attending a webinar about the masters program on Thursday but I'm wondering if you can answer two questions for me in case something comes up and I miss the webinar.

    1. I read that they only accept 25% of the the total certs required to complete the masters when you start and they need to be no more than 2-3 years old. I plan on starting the program next August. I expect to have completed 5-6 GIAC certs at that time. The oldest cert will be less than 2 years old. Any idea what they do if you have a cert that you took that recently? Do they make you retake a test you took 18 months ago?

    2. I know that the GSE is the final requirement for the masters degree. I also saw that you can only take the GSE 2 or 3 times. If you go through all the course work but fail the GSE exam the max number of times does that mean that you are unable to receive your masters degree?
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    There is a HUGE difference between regional and national accreditation. I just got caught in the whirlwind of bad timing and lost interest in the program. Well, that and it has become prohibitively expensive to pursue without an organization at least helping to underwrite the time off let alone the cost of tuition. Being a contractor I find it difficult to schedule the downtime to fly somewhere to take a course rather than make money in the here and now. Oh and I fly enough as it is Monday-Friday to various client sites.

    Spoiled on the paycheck enough to justify saying: Not on this one.

    - b/eads
  • RobicusRobicus Member Posts: 144 ■■■□□□□□□□
    quogue66 wrote: »
    I will be attending a webinar about the masters program on Thursday but I'm wondering if you can answer two questions for me in case something comes up and I miss the webinar.

    1. I read that they only accept 25% of the the total certs required to complete the masters when you start and they need to be no more than 2-3 years old. I plan on starting the program next August. I expect to have completed 5-6 GIAC certs at that time. The oldest cert will be less than 2 years old. Any idea what they do if you have a cert that you took that recently? Do they make you retake a test you took 18 months ago?

    2. I know that the GSE is the final requirement for the masters degree. I also saw that you can only take the GSE 2 or 3 times. If you go through all the course work but fail the GSE exam the max number of times does that mean that you are unable to receive your masters degree?

    1. The 25% total transfer percentage is correct. This translates to a total of 9 of the required 36 credit hour courses required to finish the MSISE program, for example.


    There's two categories of previous SANS experience that can be transferred as credits into STI: The first one applies to people who have completed SANS training, without taking the corresponding cert. The second one applies to people who have taken the course and the certification. It sounds like your experience falls into the second category.


    However, you can only transfer a max of two GIAC certificates into the STI program. For example, GSEC and GCIH map to two core courses in the MSISE program, both of which are 4 credit hour courses. However, these two courses require students to complete the gold paper as well. In these cases, you could transfer your GIAC certs for a total of 3 credit hours per course (3 for GSEC and 3 for GCIH). The remaining 1 credit hour per course is the result of having to complete the corresponding gold papers.


    I am confident that you could receive at least 6 credit hours (and essentially skip two courses). You may be able to use the fact that you've taken other SANS courses to obtain credit hours derived from the "first category" I described above. The only tricky part is that you've received the certs for those other courses, too.




    2. That is a great question! I know that you can reschedule if you don't pass, but I was unaware of the max retries. This is purely speculation, but I'd imagine that STI may be more lenient with STI students since the GSE is the capstone at the end of a thee+ year program. I can't imagine that they would say, "Sorry, you're out of the program. Can't try again." BUUUUT, I could be completely wrong. Hopefully no STI students are in that boat!
    What's Next? eLearnSecurity's eCIR

    MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP
  • quogue66quogue66 Member Posts: 193 ■■■■□□□□□□
    Wow, that may change everything for me as far as going after he SANS master degree. If I can't transfer the certs that I just took into the program it may be more beneficial to go after a masters degree at Temple, BU or Johns Hopkins.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    quogue66 wrote: »
    Wow, that may change everything for me as far as going after he SANS master degree. If I can't transfer the certs that I just took into the program it may be more beneficial to go after a masters degree at Temple, BU or Johns Hopkins.
    It's pretty standard that degrees don't let you bring in a ton of prior credits. Frankly if you have a ton of GIAC certifications already and are still wanting to get a Masters degree, why not look at either a CS or Management type Masters degree? That would give you the full spectrum of knowledge...not really the end of the world.
  • MrAgentMrAgent Member Posts: 1,310 ■■■■■■■■□□
    My coworker is a GSE. I've asked him to chime in.
  • vaelinvaelin Member Posts: 3 ■□□□□□□□□□
    Just took the GSE this year. #144. You can ping me questions.

    In a nutshell, GSE is just a certification. It's SANS highest level certificate and requires a two-day hands-on exam. Was definitely top two toughest exams I have ever taken. With that said, it is fair and but also do-able. Most people are capable of attaining it. The trick is the cost because you have to have a minimum of 3 GIAC certs. 5 certs if you dont write papers.

    I am currently going through the SANS master's program. I'm not sure if they changed the requirements back in the day before they were certified. SEEN HERE: U.S. Department of Education Database of Accredited Postsecondary Institutions and Programs

    I know that with degree programs in order to be certified, they cannot change the requirements on students in the middle of their degree. Im fairly certain there are laws and regulations on this. Otherwise all colleges could mass change curriculum and force students to pay more. They can change it but once a student is enrolled in a program, their requirements stay the same. Again, not saying they didnt but if they did, it was before they were certified.
  • quogue66quogue66 Member Posts: 193 ■■■■□□□□□□
    This was my question from the masters degree webinar and the answer:

    Q: I read that you can only take the GSE exam 3 times because of the content of the hands on portion of the exam. How does this factor into receiving your masters degree? If you fail the GSE 3 times does that mean that you can't receive the masters degree?
    A: This is a possibility. Currently passing the GSE is a requirement for graduation.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    vaelin wrote: »
    I know that with degree programs in order to be certified, they cannot change the requirements on students in the middle of their degree. Im fairly certain there are laws and regulations on this. Otherwise all colleges could mass change curriculum and force students to pay more. They can change it but once a student is enrolled in a program, their requirements stay the same. Again, not saying they didnt but if they did, it was before they were certified.
    Without knowing the laws...graduate programs give you a time frame that courses are to be completed within and I know of people that missed that time frame and had to conform to the new requirements. With that being said I've never seen anything outside of that type of scenario, or switching universities....being forced into new requirements because like you said everybody would suck every last dime out of students.
  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    @vae How is your career experience like and is it of any help to you for your GSE exams?
  • vaelinvaelin Member Posts: 3 ■□□□□□□□□□
    @Lio

    It has definitely already progressed my career. I currently work for a defense contractor as a penetration tester. IT's great, pays a buttload and I absolutely love it. Though I just landed the job this past June. It was down between me and a couple guys. They were looking for people primarily with OSCP (which I also passed in recent months). The GSE was icing on the cake and set me out from the other candidates. Of course I knew a guy working there so that helped (but having the GSE made it an easy for him to sell me to the bosses).

    1. Is the GSE worth it? ---- For me, Definitely. It's not the only route though.

    2. Would I recommend getting it? ---- Definitely.

    3. How much time should you invest? ---- Depends, for me, having taken 5 giac exams within 6 months really helped. I then studied for 1 year before taking the hands-on exam. I took the first multiple choice test about 4 months after my last GIAC test. 5 years is definitely TOOO long to study for it. You will hemorage as much information as you will learn. Just hit studying hardcore for 6 months to a Year+. To make it so I couldnt retreat, I paid the 2500 immediately. This forced me to study.

    4. Cost --- For me, my previous employer paid for me to go to the SANS courses so I paid almost nothing (The GSE practicaly was $2500 however icon_sad.gif). Overall, paying just 2500 for it was worth it. Of course they have SANS instructors proctoring the hands on exam over two days so I can understand the cost. I probably wouldnt have done it if I had to pay for all my certs out of pocket. I probably wouldnt recommend it either unless you are rich.

    5. Learn ---- Realize that you get out of any cert what you put into it. Seriously, I know guys who brute force the tests by crunch studying and building ridiculously comprehensive indexes. They may have passed but they didn't learn anything. I took my time, did the practice exervises, read the books and learned a SHITLOAD. SANS is by far my favorite training company. Absolutely superb if you invest yourself into the courses. Dont do this, and you may pass but you wont learn anything. At that point, your just a cert-guy with no hands on ability.

    6. Recommendation for studying ---- Its really simple. They give you a guideline of everything that will be on the test (GIAC Information Security Expert | GSE Certification). Make sure you know every tool they list backwards and forwards. I mean really know the **** out of them. Then rely on **** sheets to backup the gaps. You will have access to the internet but it is limited so you cant rely on it (if you do too much, you will fail). Literally, all you need to know is on that page. Then remember that the core three SANS courses they base this course off of is GSEC, GCIH, GCIA. Know those books well and you will do fine.

    7. What is the GSE exam like? ---- Its super friggin stressful and yet everything on the exam is very do-able. They exam doesnt require you to be a computer science genius. Instead, they focus on you incident handling skills, your writing skills, and technical hands-on capability. To accomplish this, they give you a MOUNTAIN of tasks. I mean literally pages and pages of things to do. All things that if I gave to the above average IT guy, they could reasonably accomplish with google and a few days work. Problem is you essentially have 16 hours, or 2 business days to complete the content. This is what makes it stressful and helps to emulate real-life incident handling. Because in the real world, decisions need to be made quickly. This lets them see how well you do under stress, how/what you prioritize and your technical proficiency. As I said, in order to pass, you have to know your tools. you simple cant be on google or in your **** sheets for long or you WILL fail.

    Also dont expect to complete absolutely everything. Have to use your best judgement and prioritize whats important.

    I studied my ass off and I'm just above average technically. Even with that, I only felt about 75% sure I passed. Fortunately i did though :)

    Hope that's helpful to everyone.
  • vaelinvaelin Member Posts: 3 ■□□□□□□□□□
    @quo

    From what I understand, failing it 3 times if failing. If you can't complete it then you likely arent MSIS(E)-ngineer material. It's not really getting into computer science. Just being proficient and technical enough with tools.

    With that said, I believe I heard of one MSISE student who failed it and switched from MSISE to MSIS(M)-Management
    SANS Masters degree information security management - MSISM Degree

    You still take a capstone but I believe it's a different type of GSE. They have GSE regular, malware and compliance. You can see that here:
    GIAC GSE Certified Security Expert Professionals | Directory

    Then if your not a technical guru, you just better remember the shiz out of compliance standards and be a good manager (also incredibly important in security).

    I wouldnt put a negative connotation on the GSE Compliance. Not at all. I have had some seriously shitty managers/compliance guys and they made the job miserable. It's also far more stressful then being a tech lead. I have the upmost respect for those who excell in these areas. It's totally an area Im terrible at.
  • gwood113gwood113 Member Posts: 66 ■■■□□□□□□□
    @vaelin
    Thanks for the great insight on your GSE experience. I've been curious about it and it's difficult to find many experiences from certified folks posted on the internet.
  • TeokTeok Registered Users Posts: 2 ■□□□□□□□□□
    I'm curious about the MSISE, so thank you @Robicus and @Vaelin for sharing your knowledge! I have some questions for you.

    1. I noticed both MSISE and MSISM require the SANS MGT 525 class, IT Project Management and Communication. I understand that the class prepares you to take the PMP certification. Do the SANS Masters degrees require you to earn a PMP certification? PMP requires 3+ years of project management experience. Is that something I should get started on before signing up for MSISE?

    2. Only 9 credits or 2 certs can be transferred in? Can you link to that information on their website? I do not see it in the FAQ.

    3. Do you need a score of over 80% on the cert for it to count toward MSISE? In the past I heard a rumor you had to score above 80% for a certification to count toward a degree, however I cannot find that requirement on their website anymore.

    4. Why is 514 represented as 514.4 for the MSISE degree? Is it functionally different from the 514 offered onDemand other than requiring a paper? It seems like most of the courses require papers, but none of the others have different course numbers.

    Thanks for your help!
  • TeokTeok Registered Users Posts: 2 ■□□□□□□□□□
    rudegeek wrote: »
    Actually I found this: http://www.sans.edu/downloads/guide_to_waivers.pdf

    Waivers may be granted for up to, but not more than, one-quarter(25%) of the total number of credit hours or credit-hour equivalents required by the program.

    RudeGeek posted a link regarding SANS class waivers in pursuit of their Masters degrees.
Sign In or Register to comment.