Which Sans Course and certification from these two?!

CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
I have funding to do two SANS Course's. I've already chosen to do GREM - which is the reverse malware engineering, a topic I am very interested in and a really unique/niche area.  

The other two options are as follows: 

OPTION 1)  SANS FOR572 - Advanced Network Forensics: Threat Hunting, Analysis and Incident Response

GNFA certification : GIAC Network Forensic Analyst

  • I do digital forensics at the minute but not much networking stuff
  • I do some incident response but I am law enforcement so most of it is just asking companies for data ... it would be good to do it myself and learn more
  • I don't do any threat hunting but I am really interested in this area

OPTION 2)  SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
GXPN certification - Exploit researcher and advanced penetration tester

  • I am reluctant about this as I think I would find it very difficult (I'm not against working hard but genuinely not sure if it's beyond my abilities)
  • Also I'm not really interested in being a pen tester ... it's a very niche area and I'm not sure if it's that beneficial given
  • However, it may be fit in well with my OSCP and help build on some of my knowledge I have got from that 

Any thoughts?

Thanks


My Aims
2017: OSCP -
COMPLETED
2018: CISSP -
COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
COMPLETED
           GIAC GREM - Reverse Engineering of Malware -
COMPLETED

2021: CCSP
2022: OSWE (hopefully)

Comments

  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    I'm personally not a big fan of SANs but if you already have funding - well...

    I recall you are sitting for the CISSP - you could also consider the MGT414 - https://www.sans.org/ondemand/course/sans-plus-s-training-program-cissp-certification-exam



  • Cuse0311Cuse0311 Member Posts: 53 ■■■□□□□□□□
    Based on what you've stated above I would go with FOR572 over SEC660, especially since you have no desire to be a pen tester or have no interest in it. FOR572 is an excellent course. I took it several years ago with Phil Hagen. He's a tremendous instructor with lots of real world experience from various environments. I think you'll learn a ton and enjoy it. Let us know what you decide to do.
  • LonerVampLonerVamp Member Posts: 518 ■■■■■■■■□□
    I think 660 is a little more akin to OSCE than OSCP, at least as far as topics. (I've not looked much at the 660 course syllabus.) It's less about pen testing like OSCP, and more about exploit writing and bug hunting.

    Besides, it already sounds like you're leaning to the Network course. Stick with your gut.

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    Ignore all, I am going for the networking one.  I know that is the right one for me.
    Thanks everyone 
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2021: CCSP
    2022: OSWE (hopefully)
  • StormFiberStormFiber Member Posts: 5 ■■□□□□□□□□
    edited December 2018
    paul78 said:
    I'm personally not a big fan of SANs but if you already have funding - well...

    I recall you are sitting for the CISSP - you could also consider the MGT414 -

    I've not looked much at the 660 course syllabus.
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    paul78 said:
    I'm personally not a big fan of SANs but if you already have funding - well...

    I recall you are sitting for the CISSP - you could also consider the MGT414 - https://www.sans.org/ondemand/course/sans-plus-s-training-program-cissp-certification-exam




    Out of interest why don't you like the SANS courses?  It's unusual to see someone say that as most seem to rate them highly
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2021: CCSP
    2022: OSWE (hopefully)
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■

    Out of interest why don't you like the SANS courses?  It's unusual to see someone say that as most seem to rate them highly
    My comment is economically related. I've only taken 2 SANS courses SEC542 and MGT414. IMO, the value isn't really there.  Perhaps the 600-level courses are better but the SEC542 was structured like a survey course.
Sign In or Register to comment.