Sans sec642

jjones2016

Getting sponsored for this later in the fall. Has anyone been through the course yet? What did you personally think about the pace of the course, and would you recommend it?

Thanks!

kanikedude03

I haven't taken sec642, but I did take sec542. I would imagine that the pace of sec642 is going to be more advanced. I know the pace difference between sec560 and sec660 (both of which I have taken) is absolutely insane. I felt sec560 was pretty easy and relatively moderately paced, but sec660 was insane and I found myself staying after to get all of the labs working as they should. Given that sec560 and sec660 are completely different classes from sec542 and sec642 so you may want to take my advice with a grain of salt. Anyways, at least it's a data point if no one else has first hand experience.

If web app pen testing is something that you do everyday, you would want to do sec642, but if it's something that you rarely do, I would recommend taking sec542 first. For me, most of the concepts and tools were new and there was a lot of new information to take in for sec542, so skipping straight to sec642 would've been much more difficult for me. But I have friends that were taking that class while I was and said that it was mostly a waste for them because they already knew everything (and the CTF on day 6 was really easy for them). They said that they wish they would've skipped straight to sec642. I hope that helps!

ohm

There is a lot of information to digest but that's true for all SANS courses. As long as you know basics of web app pentesting you should be fine. Instructor is great and class is a lot of fun. Definitely recommend it.

TechGromit

I noticed a degree of increasing difficulty between a 400 and 500 level class. I would expect the same from a 500 to 600 level. And forget about a level 700 class. I see they introduced level 200 course as well.