Any opinions on SEC530?

MitM

It's been some time since it's been out.  I was wondering if anyone has attended the course?

catscaps

I attended, what do you want to know. I thought it was valuable, but of course the value of the course depends on your current knowledge set and job function. There is zero trust stuff, hardening network and system defenses, etc.

jchamilton

I would also like some feedback on this course. I am a firewall administrator with GCIA and my company is giving me a choice between SEC530 GDSA or FOR572 GNFA next.

I was originally planning on the 530 because of the course objectives, but I recently read elsewhere that the SEC530 was disappointing and still needs to mature some. I am also not sure if the GNFA will overlap too much with GCIA.

MitM

catscaps thanks for the reply.  Most of my focus is network security.  I was really looking for opinions of the course....the content, value? etc.   

@jchamilton why so many replies with the same stuff? lol

iBrokeIT

Your best bet in situations like this would be to check out the SANS webcast archive.  There are two webcasts about SEC530 that should give you a feel for the class: The Perimeter is Dead: Introducing SEC530: Defensible Security Architecture by Justin Henderson, Eric Conrad and Trust No One: Introducing SEC530: Defensible Security Architecture by Eric Conrad.

catscaps

MitM the course has some hands-on labs and is a good overview of locking down systems- from network to systems to cloud. 

I am not sure how maturing the class would help it get better. I know some people that the class started kinda slow on the first day, but as I asked each day, they were very happy that they took the course. I took SEC566, I would say this SEC530 is kind of like the companion to it in a way. SEC566 is the 20 critical controls, and SEC530 kinda focuses on the first few, the more important ones and goes over have to secure.

jchamilton  FOR572 and SEC530 are two very different courses and depend where you are in your career. Are you responsible for securing or are you responsible for response/remediation? How robust is your current network security posture? If you are in the building phases or reevaluation phase, then maybe do SEC530. If you have an established network security program, and are looking to advance your knowledge, then maybe the FOR572 is a better choice.

MitM

@iBrokeIT thanks, I had watched those webcasts when they first came out.  They make the course look great, of course

@catscaps thanks for the info!  SEC 503, SEC 530 and FOR 472 all look fantastic

E Double U

catscaps said:

 I took SEC566, I would say this SEC530 is kind of like the companion to it in a way. SEC566 is the 20 critical controls, and SEC530 kinda focuses on the first few, the more important ones and goes over have to secure.

This is good to know. I have taken SEC566 earlier this year and plan on taking SEC530 in January. I am still not 100% sure that I should take the course. 

MitM

E Double U said:

This is good to know. I have taken SEC566 earlier this year and plan on taking SEC530 in January. I am still not 100% sure that I should take the course. 

Do you self fund those?

E Double U

MitM said:

E Double U said:

This is good to know. I have taken SEC566 earlier this year and plan on taking SEC530 in January. I am still not 100% sure that I should take the course. 

Do you self fund those?

No way lol. 

MitM

E Double U said:

MitM said:

E Double U said:

This is good to know. I have taken SEC566 earlier this year and plan on taking SEC530 in January. I am still not 100% sure that I should take the course. 

Do you self fund those?

No way lol. 

That's what I figured lol.  I can't get a SANS course approved for the life of me.  If I attend, it'll be out of my own pocket

E Double U

I have paid for exams out of pocket earlier in my career, but never training and especially not SANS. If I was determined to attend SANS and had to pay it for myself then I would go with the work study option.