SANS 514 and others - Feedback

credogcredog Registered Users Posts: 4 ■□□□□□□□□□
I'm thinking about taking 514 (including GIAC cert) and was looking for some feedback on what others think of it. I typically take more technical courses (just got 511 GMON cert and have taken 504), but was thinking of going in this direction for my next SANS course in early 2018 to try and round out the SANS training. Also, already have the CISSP. The 512 seemed a bit to introductory based on the description. Any feedback would be appreciated.

Also considering the following if I go technical:
FOR508: Advanced Digital Forensics, Incident Response, and Threat Hunting
SEC505: Securing Windows and PowerShell Automation
SEC573: Automating Information Security with Python

Comments

  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    if you're the primary defender or in charge of the primary defenders in a predominantly based windows environment, SEC505: Securing Windows and PowerShell Automation is worth its weight in gold. probably one of the most useful classes you'll get from SANS from a blue side
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    You really didn’t give us much detail about your role if you wanted additional recommendations. CISSP CBK is still the gold standard for managing InfoSec. The MGT517, Managing Security Operations sounds interesting but don’t know your role or future goals.
  • trueshrewkmctrueshrewkmc Member Posts: 107
    FOR508 is very tool centric and very Windows centric. I took it as my first SANS class and as prep for FOR578. Learned about some interesting tools, but I learned very little about incident response and threat hunting. I'm a CISSP (self study) too and wish I'd gone straight to FOR578.

    There are references in FOR508 to FOR408, but you don't have to take FOR408 first.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    FOR508 is very tool centric and very Windows centric. I took it as my first SANS class and as prep for FOR578. Learned about some interesting tools, but I learned very little about incident response and threat hunting. I'm a CISSP (self study) too and wish I'd gone straight to FOR578.

    There are references in FOR508 to FOR408, but you don't have to take FOR408 first.
    They renamed 408 to 500 now.
Sign In or Register to comment.