Enough cash for just...

babmhkk

If your employer (or anyone not you) only had enough funds to cover one SANS course for red-teaming for you (full-price + on-demand + voucher), would you pick a SANS course, eLearnSecurity's All-Access Pass, a combination of Offsec and eLS training, or something else entirely?

NetworkNewb

Would never pay for SANS out of my pocket personally. I'd go for OSCP

babmhkk

Allow me to clarify (I had this in my head but didn't write it, my b), this will change the question dramatically lol: if your employer (or anyone else that's not you) had enough for just one of the options above what would you choose?

mbarrett

I would a Safari subscription or other all-access pass. Safari has enough training materials, including videos, that are relevant to most any track you choose and will keep you occupied for a very long time.

babmhkk wrote: »

a combination of Offsec and eLearn training

I don't know what that means.
SANS is in the 99th percentile of most expensive training options, from what I can tell. If you are paying out of pocket or on some other budget there are plenty of better options for your $$

babmhkk

mbarrett wrote: »

I don't know what that means.

A combination of Offensive-Security and eLearnSecurity training

NotHackingYou

If you're up for the challenge, I think you'll learn the most out of the OSCP material. You can get 120 days of lab time and the PDF/Videos for under $1500. You won't be able to get the same depth and time in different attacks in a weeklong training.

LordQarlyn

I agree that for out of pocket, SANS is not the best value (on your employer's dime that's another story lol). I suppose if I could get one GIAC cert, it would probably GSLC or GSNA as they would help me should I want to be an information security consultant as well as helping me in my current role.
On the other hand, if I had that amount of money for SANS + GIAC cert, I would probably spread it out over several certs, particularly focusing on regulatory compliance and auditing(CISA, 27001), but that's just me and where I seem to have more aptitude.

babmhkk

Got enough posts to be able to edit, so I edited the original post to clarify what I mean so there's less confusion.

p@r0tuXus

Penetration Testing with Kali + 90 days Lab access + Certification $1,150
https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/


Penetration Testing Professional - PTP - Elite Course & Cert (eLearnSecurity) $1,199
https://www.elearnsecurity.com/course/penetration_testing/enroll


SANS Work Study Program Facilitator Fee (GPEN): $1,100
https://www.sans.org/work-study/


Grand total = $3,449


or...


SANS GPEN course ($5,910 + on-demand (free) + voucher ($689)) ... Total $6,599
https://www.sans.org/selfstudy/course/network-penetration-testing-ethical-hacking


Comprehensive strategy with 3 of the most respected pen-test certs on this site with tons of resources, labs, pdfs, videos, on-demand access and all for more than $3000 less than just one course. Could you get them to pay for all 3 instead of 1 if you show them the savings and ROI?

babmhkk

Work study is not an option for me. Taking that out of the equation how would that affect your answer? Is SANS more industry-recognized than Offsec (excluding their time in the market)? Is the quality and ROI of one SANS course (in this context probably GPEN or GWAPT) greater than that of eLS' All Access Pass or a smaller bundle plus PWK (and maybe WIFU)?

boot

What is your goal (and your employers goal, since they're paying)? Do you see yourself taking a new job, and want to make yourself more hireable/worth a higher pay? Does your employer want to market security services you can provide to customers? Does your employer want to educate yourself to provide security services internally in the company?

SANS has higher market value/recognition, both towards future employers and customers (if certs are asked for by customers at all). Offsec and eLS will provide more practical training. You will still learn with SANS, but Offsec/eLS is the practical approach, and for the money will cover more topics. Offsec has higher market value/recognition than eLS, but they're both niche to those not well oriented in the security industry.

Note that eLS also has the 4-course bundle (pick any 4 courses). You can get that, PWK/OSCP 90 days and CTP/OSCE 60 days together for less than full SANS price ($6150, spend the rest on some good security books if you can). Consider that, if you're going to do red-teaming there are several eLS courses you don't need (they might teach you a thing or two you can make use of, but for red-teaming the Offsec courses is better value).

ELS will launch one or two new courses in the near future (supposedly new topics, not new versions of existing courses) - guessing during September, certainly within the year. You might want to wait and see what it is, if you can. Especially if you're considering the all access pass.

TechGromit

babmhkk wrote: »

If your employer (or anyone not you) only had enough funds to cover one SANS course for red-teaming for you (full-price + on-demand + voucher), would you pick a SANS course, eLearnSecurity's All-Access Pass, a combination of Offsec and eLS training, or something else entirely?

I'm confused, do you mean I can only take one Sans Course. or one other different course, or several other courses in place of instead of a SANS course?

If your point is would I pick a SANS course OR another course, of course I would pick a SANS course over another course. SANS certifications are worth quite a lot, compares to training from another vender with no certification behind it.

If your point is would I pick a SANS course OR several other course instead. Maybe, If one of the course was something like a OSCP, and another course, it would be worth it to trade a SANS for a certification training and additional training.

While SANS training is good, the certifications most SANS courses have are very valuable.

TechGromit

p@r0tuXus wrote: »

SANS Work Study Program Facilitator Fee (GPEN): $1,100
https://www.sans.org/work-study/

You say that like it's easy to do, like you just have to tell SANS they you want to be a facilitator, and they say no problem, just pick your course. The reality is some people try for years to get picked to facilitate and may or not get the course they most desire.

p@r0tuXus

TechGromit wrote: »

You say that like it's easy to do, like you just have to tell SANS they you want to be a facilitator, and they say no problem, just pick your course. The reality is some people try for years to get picked to facilitate and may or not get the course they most desire.

Forgive my apparent lack of consideration, TechGromit. I realize that not all who attempt to get the WorkStudy program are selected and sometimes those selected cannot attend due to short notification time-lines. I was considering a best-case scenario for the sake of comparison so OP could get more bang for their buck. Like some that are on this site, if I was in the OP's shoes, I'd enroll in the eLS PTP course and work on that for 3-4 months after signing up for the work-study program. If not selected by the time the eLS course was done, then I'd start the OSCP. With the gains earned by that time, if WorkStudy happened, it wouldn't be as difficult to recover the lost time with OSCP since the material is in the same general direction and the user's spare $3K could probably be used to extend some lab-time on OSCP to make up for the time spent with WorkStudy.

EANx

If I was sort of a newb at networking and pen-testing, but given a budget of US $5900 (SANS GPEN), I'd do the following (all prices are retail, discounts are available):

Online CCNA $1900 (ICND 1 & 2 plus labs through the Cisco Learning Store)
CCNA exam: $300 x2
eLearnSecurity PTS Full: $300
eLearnSecurity PTP Elite: $1200
OSCP 90 days: $1150
OSCP + 60 days: $450

Total $5600 This gives you multiple shots at the CCNA, OSCP and eCPPT without trying to cram anything into a very tight timeframe.