Best Intrusion Detection cert
billyr2009
Member Posts: 120
Hi All,
I was wondering what is the best Intrusion Detection cert apart from the GCIA? My company may not pay for training because it is expensive. So i was wondering if there was any other training out there that teaches Intrusion Detection that is pretty on par with the SANS training?
I was wondering what is the best Intrusion Detection cert apart from the GCIA? My company may not pay for training because it is expensive. So i was wondering if there was any other training out there that teaches Intrusion Detection that is pretty on par with the SANS training?
Comments
-
SephStorm Member Posts: 1,731 ■■■■■■■□□□I know there is the Snort CP cert, but I dont know anything about it or the quality of the training. I'd love to hear about any more.
-
docrice Member Posts: 1,706 ■■■■■■■■■■My old thread on this:
http://www.techexams.net/forums/security-certifications/77438-review-snort-ids-ips-rule-writing.html
SANS 503 is more appropriate for general intrusion detection focus. It covers event interpretation, mindset, and understanding IP traffic down to the most atomic level (the bits). It's like realizing how to use a microscope to look at IP communication and understanding its nature.
The Snort course is great, but it doesn't really get into the larger overview of the IDS craft as a whole, although it does touch on a few things. If you want to learn Snort as a tool, there's probably no better course than the Sourcefire one. My instructor (John ***) was the person who authored their training course, so I definitely had someone who knew the subject inside-out.
The GIAC cert is nice, but the training is the big one. The GCIA tends to be one of the more recognized in the world of GIAC certs. SnortCP ... well, I passed, which doesn't mean much since it's non-proctored and open book. Intrusion analysis is a skill that's really built upon hands-on practice, either at home or at work. SANS 503 probably had the most significant influence on my approach to network security.
If you can't afford the live instruction or SelfStudy or OnDemand, look into their Work Study program.
Edit: interesting how the last name got censored on this post. It rhymes with "bay."Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/