Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
GIAC
What's your favorite Sans course and why?
YuckTheFankees
Just like the title says, what's your favorite Sans course and why?
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
TechGromit
So far? SANS 504, very interesting material, well rounded course. Love authors stories on the MP3, also the GCIH is a highly desirable certification by potential employers.
[Deleted User]
560. Overall well designed/balanced course on penetration testing!
al88
508.. it's where I've found real usable Practical knowledge for
my
everyday Enterprise investigations. A lot of the other defensive courses does give value but rarely used it it's not your job title/description.
The anti-forensic methods of 508 applies for offensive specialists too.
JoJoCal19
I've only done 401 and 503, however I'd vote for 504 or 560 just based on reading over the course descriptions on SANS' site. Plus Ed Skoudis is the best.
Randy_Randerson
So I'll list out what I've taken as context to what one is my favorite:
SEC504 (GCIH)
SEC560 (GPEN)
SEC660 (GXPN)
SEC617 (GAWN)
SEC542 (GWAPT)
SEC575 (GMOB)
SEC573 (GPYC)
FOR408/500 (GCFE)
FOR508 (GCFA)
FOR518
FOR526
FOR585 (GASF)
FOR578 (GCTI)
FOR572
FOR610 (GREM)
Out of all of them, I feel the most fun has been SEC575. Phone are not going anywhere in both corporate environments and personal. Learning how to break an Android app or doing packet captures through your iPhone can be very vital if you're just doing bug bounties or if you're trying to see if something is spying on you...OR if your companies app is broadcasting your creds in the clear.
Far as the most relevant to my job, can't fail with GCFA regardless if you do DFIR or if you're looking at Red Teaming.
LWB250
I would concur on 504. I was lucky and got to do work study for mine that was taught by John Strand. John did a fantastic job and was very engaging, which is hard to do in a course with this level of material and the time it takes to teach it.
This was the third SANS class I've done in person, and by the fourth or fifth day you can be really wiped out with brain overload. John did a great job keeping the conversation on point, providing real world examples of the material application, and staying engaged with the participants.
I'm not diminishing the performance of my other instructors, just saying that John has been the best I've had so far, which made 504 my favorite.
sb97
Resurrecting an older thread that came up while I was search for past posts about FOR578 and the GCTI.
The most fun class I took was SEC503 partially due to the instructor Mike Poor. The best and most relevant class I have taken is FOR508. I did that one on demand so I missed out on some of the live experience but the subject material is the most relevant to what I was doing professionally at the time.
MalwareMike
I've only taken SEC401 and SEC504 but I start SEC542 on Monday...and I'm hoping it will be my favorite course thus far.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
![Photo of [Deleted User]](https://us.v-cdn.net/6030959/uploads/defaultavatar/nE1RZK93BLG3K.jpg)
