Options

Has anyone taken SEC530: Defensible Security Architecture?

futurehendrixfuturehendrix Member Posts: 28 ■□□□□□□□□□
in GIAC
Has anyone taken SEC530: Defensible Security Architecture? If so, how was it? I'm currently a security analyst and just got my GCIA and see myself moving into an engineer role in a year or two.

I don't see a certificate associated with it on the SANS website.
· Share on FacebookShare on Twitter

Comments

  • Options
    LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    Sorry if this response came later, but as someone who had gone through several of the SANS course, I would like to share my input with regards to new courses. Based on my past experience with SANS courses, I would suggest that it is not worth picking it up as the content had not mature enough to worth paying for the price value as of yet. If you are looking into a good course from SANS, its better to go for those contents that had been refined several times over the years, especially for courses that had been around for at least more than a decade.

    Using Advanced Security Essentials as an example, there is a huge difference in the course materials when I got it in 2013 as compared to 2017 materials which I had gotten from renewing the cert. When going through advanced security essentials back in 2013, there are several sections that is lacking in depth as someone who has high regards with SANS materials. Therefore, if you are looking at the solely the content materials at the point in time, it would be more ideal to go for a course that had been refined several times. However, the good part about GIAC is that you will receive updated materials each time you renew. Hence even if the course material may not that good when it started out as a new course, its quality will get better over time and you can learn new things just by reading the updated materials.

    If you are looking for security engineering role, then SEC511: Continuous Monitoring and Security Operations should be more ideal. However, even if I do not had GMON. I had colleagues who had gone for that courses to let me know enough that the materials may not have mature enough as of yet. It may still be a good course if you are looking into breaking into security engineering.

    Otherwise, you can also look into sticking to the ideal path for security analyst -> forensics router. GCIA + GCFE + GCFA + GREM is actually some of the good certifications you should aim for if you are looking into security analyst work in high tier security operations cetner.
    · Share on FacebookShare on Twitter
  • Options
    futurehendrixfuturehendrix Member Posts: 28 ■□□□□□□□□□
    LionelTeo wrote: »
    Sorry if this response came later, but as someone who had gone through several of the SANS course, I would like to share my input with regards to new courses. Based on my past experience with SANS courses, I would suggest that it is not worth picking it up as the content had not mature enough to worth paying for the price value as of yet. If you are looking into a good course from SANS, its better to go for those contents that had been refined several times over the years, especially for courses that had been around for at least more than a decade.

    Using Advanced Security Essentials as an example, there is a huge difference in the course materials when I got it in 2013 as compared to 2017 materials which I had gotten from renewing the cert. When going through advanced security essentials back in 2013, there are several sections that is lacking in depth as someone who has high regards with SANS materials. Therefore, if you are looking at the solely the content materials at the point in time, it would be more ideal to go for a course that had been refined several times. However, the good part about GIAC is that you will receive updated materials each time you renew. Hence even if the course material may not that good when it started out as a new course, its quality will get better over time and you can learn new things just by reading the updated materials.

    If you are looking for security engineering role, then SEC511: Continuous Monitoring and Security Operations should be more ideal. However, even if I do not had GMON. I had colleagues who had gone for that courses to let me know enough that the materials may not have mature enough as of yet. It may still be a good course if you are looking into breaking into security engineering.

    Otherwise, you can also look into sticking to the ideal path for security analyst -> forensics router. GCIA + GCFE + GCFA + GREM is actually some of the good certifications you should aim for if you are looking into security analyst work in high tier security operations cetner.

    Hey Lionel, thanks for the reply. I was worried about taking the new course and I think I'll heed your advice and wait a while. The fact that it's without a cert might also make it harder for my boss to get behind spending the $$ for the course and travel with no cert at the end.

    I've thought about GMON and while I currently am an analyst and will be for perhaps the next year or two, I do want to move towards more of an engineer rule. Does GMON provide good value for that role?
    · Share on FacebookShare on Twitter
  • Options
    LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    I wouldn't say that the SANS course for GMON would fit exactly for every security engineer role. Based on my understanding on all the available SANS courses, continuous monitoring security operations is probably the closest you can get if you are looking at deploying detection and defence.

    https://www.sans.org/course/continuous-monitoring-security-operations

    Value wise would largely depend on what are you looking for. If you are looking for getting a good knowledge to help you in an upcoming potential role, then it can help to a certain extent by showing that you are interested in this area and the length you had taken to upgrade yourself. If you are looking at market value, it is probably less recognize since the cert is much less well known than other GIAC cert.
    · Share on FacebookShare on Twitter
  • Options
    futurehendrixfuturehendrix Member Posts: 28 ■□□□□□□□□□
    LionelTeo wrote: »
    I wouldn't say that the SANS course for GMON would fit exactly for every security engineer role. Based on my understanding on all the available SANS courses, continuous monitoring security operations is probably the closest you can get if you are looking at deploying detection and defence.

    https://www.sans.org/course/continuous-monitoring-security-operations

    Value wise would largely depend on what are you looking for. If you are looking for getting a good knowledge to help you in an upcoming potential role, then it can help to a certain extent by showing that you are interested in this area and the length you had taken to upgrade yourself. If you are looking at market value, it is probably less recognize since the cert is much less well known than other GIAC cert.

    Thanks, Lionel. I think I'm going to aim for the GMON next year. We get one training/cert per year so I think it'd be a good choice.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.