g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
I am trying to plan for next years training. I am wondering which course I should pursue first? GCIH or GMON?

My current role is focused on the defensive side.

Thank You!


  • Options
    the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    GMON will focus on detecting an attack where as GCIH (I believe) deals with the clean up. So if you are more on the detecting/hunting side go with GMON, if you are more on the incident response side go with GCIH.
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • Options
    636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Both courses are great. If you're a blue teamer (defense) then I'd start with GMON. As your friends at SANS will tell you - offense informs defense, so GCIH (which includes hacking techniques) would also help you identify how bad guys work and give you something to think of as you're building your technical controls
  • Options
    NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Yea, after taking the GCIH I would assume the GMON would have to go over the defense aspects more. Was a lot of going over hacking techniques in the GCIH course.
  • Options
    g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
    Thanks everyone! This is very helpful. Has anyone take the GMON course with Seth Misenar?
  • Options
    beadsbeads Member Posts: 1,531 ■■■■■■■■■□
    How does one recognize the hack without ever performing the offensive hack? Clearly, GMON is easier to absorb but how do you handle the incident past that point? There is reason we keep stressing hacking skills in security.


    - b/eads
  • Options
    cyberguyprcyberguypr Mod Posts: 6,928 Mod
    <sarcasm> Not an issue. That very popular MSSP made a business model out of this. </sarcasm>
Sign In or Register to comment.