GCIH or GMON

g33k3r · September 2016

I am trying to plan for next years training. I am wondering which course I should pursue first? GCIH or GMON?

My current role is focused on the defensive side.

Thank You!

the_Grinch · September 2016

GMON will focus on detecting an attack where as GCIH (I believe) deals with the clean up. So if you are more on the detecting/hunting side go with GMON, if you are more on the incident response side go with GCIH.

636-555-3226 · September 2016

Both courses are great. If you're a blue teamer (defense) then I'd start with GMON. As your friends at SANS will tell you - offense informs defense, so GCIH (which includes hacking techniques) would also help you identify how bad guys work and give you something to think of as you're building your technical controls

NetworkNewb · September 2016

Yea, after taking the GCIH I would assume the GMON would have to go over the defense aspects more. Was a lot of going over hacking techniques in the GCIH course.

g33k3r · September 2016

Thanks everyone! This is very helpful. Has anyone take the GMON course with Seth Misenar?

beads · September 2016

How does one recognize the hack without ever performing the offensive hack? Clearly, GMON is easier to absorb but how do you handle the incident past that point? There is reason we keep stressing hacking skills in security.

Perplexing.

- b/eads

cyberguypr · September 2016

<sarcasm> Not an issue. That very popular MSSP made a business model out of this. </sarcasm>

GCIH or GMON

Comments