eLearnSecurity - IHRPv1 - Incident Handling and Response

Comments

  • Skyyyyy2001 Posts: 57 Member
    just went through the first 2 labs IHRP v1 - looks pretty good and neat!
  • u1tras OSCP, eCTHP Moscow Posts: 81 Member
    Nice to hear it @Skyyyyy2001. What I'm thinking of is that we have to see 4 new modules till Jan 11. Will eLS release it?
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • chrisone CISSP, CRTP, eCPPT, LFCS, CEH, Azure Fundamentals, Retired Cisco NPs Posts: 1,900 Member
    on January 3rd they released 2 labs that correspond to the study modules that were originally released. So that was the update for that week. I suppose late January is the next update and will include 2 new modules for study modules.

    I guess the following formula makes sense:
    release updates (modules) for study
    release updates (labs) for the released study modules
    2020 Goals:
    Courses: SpecterOps Adversary Tactics: Detection
    Certs: AZ-500 (in-progress), MS-500, Pentester Academy - PACES, Pentester Academy - CRTE, OSCP
  • Skyyyyy2001 Posts: 57 Member
    My personal thoughts are if you have already signed up for THP or GCIH certified then don't go for IHRP. Otherwise, just signed up and go for it.
  • chrisone CISSP, CRTP, eCPPT, LFCS, CEH, Azure Fundamentals, Retired Cisco NPs Posts: 1,900 Member
    edited January 10
    My personal thoughts are if you have already signed up for THP or GCIH certified then don't go for IHRP. Otherwise, just signed up and go for it.
    How did you like the THP course? Also how long did you study for the GCIH exam and did you take the SEC504 course?
  • Skyyyyy2001 Posts: 57 Member
    chrisone said:
    My personal thoughts are if you have already signed up for THP or GCIH certified then don't go for IHRP. Otherwise, just signed up and go for it.
    How did you like the THP course? Also how long did you study for the GCIH exam and did you take the SEC504 course?
    I didn't take both THP and GCIH. This info is what I have gathered from other forums. 
  • chrisone CISSP, CRTP, eCPPT, LFCS, CEH, Azure Fundamentals, Retired Cisco NPs Posts: 1,900 Member
    chrisone said:
    My personal thoughts are if you have already signed up for THP or GCIH certified then don't go for IHRP. Otherwise, just signed up and go for it.
    How did you like the THP course? Also how long did you study for the GCIH exam and did you take the SEC504 course?
    I didn't take both THP and GCIH. This info is what I have gathered from other forums. 
    oh ok I understand it was your personal thoughts, not personal experience. 
  • r3nzsec Posts: 39 Member
    How are you IHRP folks? Have you tried some lab? I saw up to Lab 4 were uploaded in our account. Let me hear your thoughts. 
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    r3nzsec said:
    How are you IHRP folks? Have you tried some lab? I saw up to Lab 4 were uploaded in our account. Let me hear your thoughts. 
    Suricata topic... seems nice. Gotta check it. Looking forward for more reading materials.
  • r3nzsec Posts: 39 Member
    edited February 19
    r3nzsec said:
    How are you IHRP folks? Have you tried some lab? I saw up to Lab 4 were uploaded in our account. Let me hear your thoughts. 
    Suricata topic... seems nice. Gotta check it. Looking forward for more reading materials.
    Thanks @SleepyLCTL

    I found this Suricata in some JDs like in Google, Facebook? Can't remember but one of them needs to have at least the knowledge of it. So I think this will be a great advantage for us as well for someone new to this. I am also waiting for the additional reading as well in video resources.

  • Skyyyyy2001 Posts: 57 Member
    guess Suricata is good in its way and if we figure out how to use it that would be a great skillset to have.
  • u1tras OSCP, eCTHP Moscow Posts: 81 Member
    This course from AND looks pretty nice for those who are interested in Suricata:
    https://www.networkdefense.io/library/intrusion-detection-with-suricata/about/
  • triplea SSCP, MCP, MCTS, MSDST, Sec+, ITIL-Fv3, CCA, eJPT UK Posts: 178 Member
    Fingers crossed it's in this year's training budget.
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    So, it seems that final content was finally revealed. And I have to say, that at the moment I am disappointed. From the beginning I was mostly interested in SOC 3.0 Operations and the content I got... is ****. I was expecting interesting theory about SOC and its operations :expressionless: and got... list of SIEM queries...
    • Module 1: Zero Value;
    • Module 2: Good, some info regarding Win logs, zero about Linux logs, zero about general logs - proxies, FWs, AVs... nothing about where to get logs... at least high level;
    • Module 3: **** load of Splunk/ELK queries, which could have been added as resource - however no background
    • Module 4: 23 damn slides... where they do one joke example
    I am pissed off, disappointed and whatever. From this chapter I expected the most, and I got around 20-40 garbage slides per module.

    I am not talking about the facts, they promised similar lab workload like in PTP - 30 labs, here are approx. 10 labs. Also no videos, so far I went thru Incident Handling - no damn value, when I read NIST Incident Handling - I learned more. Traffic analysis - shitty, and SOC 3.0 ... as above. Also no videos.

    Today, when I see, it's released I was excited - plenty of reading for next few months. As I finished section SOC 3.0 in like half hour... probably not for few months... I was expecting a lot, I got few slides of garbage.

    So my thoughts, they promised a lot, they delivered ****, videos are missing, slides - the most bragging part sucks and seems not teaching me anything worth the money, labs - I don't want to rate. Price - big. I do not recommend. I hope they ... add like 300 slides to SOC 3.0... because this is joke. Seriously, 20 slides is joke.
  • securityorc Posts: 48 Member
    Wow..following your post I checked out the course forums and what I saw supports your opinion..1 video for the "best course on incident response"?! There are plenty of unhappy people and the instructor gives canned answers and literally dismisses the negative feedback (which is well-earned) by saying that there are other questions to answer in the forums. And his reply to your post on the forums..just wow.

    My expectations for this course just went through the floor..I will start going through it and update with opinions, but this just cements my bad experience with eLS, which I will review soon. Suffice it to say, I won't buy any other course from them.
  • r3nzsec Posts: 39 Member
    So, it seems that final content was finally revealed. And I have to say, that at the moment I am disappointed. From the beginning I was mostly interested in SOC 3.0 Operations and the content I got... is ****. I was expecting interesting theory about SOC and its operations :expressionless: and got... list of SIEM queries...
    • Module 1: Zero Value;
    • Module 2: Good, some info regarding Win logs, zero about Linux logs, zero about general logs - proxies, FWs, AVs... nothing about where to get logs... at least high level;
    • Module 3: **** load of Splunk/ELK queries, which could have been added as resource - however no background
    • Module 4: 23 damn slides... where they do one joke example
    I am pissed off, disappointed and whatever. From this chapter I expected the most, and I got around 20-40 garbage slides per module.

    I am not talking about the facts, they promised similar lab workload like in PTP - 30 labs, here are approx. 10 labs. Also no videos, so far I went thru Incident Handling - no damn value, when I read NIST Incident Handling - I learned more. Traffic analysis - shitty, and SOC 3.0 ... as above. Also no videos.

    Today, when I see, it's released I was excited - plenty of reading for next few months. As I finished section SOC 3.0 in like half hour... probably not for few months... I was expecting a lot, I got few slides of garbage.

    So my thoughts, they promised a lot, they delivered ****, videos are missing, slides - the most bragging part sucks and seems not teaching me anything worth the money, labs - I don't want to rate. Price - big. I do not recommend. I hope they ... add like 300 slides to SOC 3.0... because this is joke. Seriously, 20 slides is joke.
    It seems that they've probably rushed this course just to meet the deadline and ****. I'm kinda disappointed too. And I'm also looking for more videos but we only got one :( Sad
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    I don't believe, they can afford getting such a reputation here. We (Sec Guys) are kinda IT geeks and I guess majority of their potential customers might check this forum before making a purchase. They have to act upon this. If they don't, their reputation will go rock bottom. I asked for refund. I mean, the price of the course is approx. 1,3 of average salary in my country. They have to deliver damn good stuff for that - no matter they try to be "cheaper and better" than SANS.
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    I just posted a comparison of PTP v4 and IHRP v1 to the forum.

    Long story short,
    • PTP v4 with Ruby = over 5500 slides! 
    • IHRP v1 = over 1200 slides!

  • u1tras OSCP, eCTHP Moscow Posts: 81 Member
    edited April 15
    So, guys, I'm completely disappointed too(( They promised a lot and we had to get one of the best IR courses. But, it's really weak course. eLS also promised about 30 Labs (like in PTP), but released only 8. I agree with @r3nzsec, seems like they just rushed this course just to meet the deadline and totally forgot about its quality.
  • u1tras OSCP, eCTHP Moscow Posts: 81 Member
    I don't believe, they can afford getting such a reputation here. We (Sec Guys) are kinda IT geeks and I guess majority of their potential customers might check this forum before making a purchase. They have to act upon this. If they don't, their reputation will go rock bottom. I asked for refund. I mean, the price of the course is approx. 1,3 of average salary in my country. They have to deliver damn good stuff for that - no matter they try to be "cheaper and better" than SANS.
    I'm going to ask for refund too. Where did you write them?
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    Guys... In order to get somewhere, please make some noise. Please comment my topic on ELS as well, give it more traction. So far I am the only one basically, if you write there as well, we can maybe push them a bit harder. I asked support, they ignored it. I will ask again. But please, add few comments to my thread if you are disappointed as well. https://community.elearnsecurity.com/topic/6762-soc-30-section-and-its-content/ Once you join the party, they have to either lock the thread or react. Let the resistance raise! I am awaiting your comments.
  • u1tras OSCP, eCTHP Moscow Posts: 81 Member
    "Practical Incident Handling" section of the course contains 0(!) labs. It should be renamed as "Theoretical IH". SOC 3.0 section contains only 2 labs (for Splunk and ELK). That definitely isn't enough.
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    Well, there are some related labs in different sections, however please write down your thoughts to the official forum. Here is no use.
  • new2Sec Posts: 24 Member
    I heard els forum they locked posts that criticize.
      
    Is true Demitrus write:
    1) "The course is actually being used to train intermediate SOC analysts in large" on a course that hasn't been completely released yet?
    2) "Since everything we wanted was covered, unfortunately I can't spend more time on this. Locking the thread..."

    Note to self, never buy els course "sight unseen." New business model You buy course, we partially make it terrible.

    2018 I pass PTS PTP they good.  I want course succeed it look good. So far, only reach suck, but they do it best. They need try harder. 
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    edited April 15
    They will maybe lock it, however if we do not "spam" them, nothing will change. ... I am willing to create threads till my refund.
  • new2Sec Posts: 24 Member
    I check website. no president or ceo only gm. Only one security person. 20 web developers. How they work? one person support 15 courses and create new?
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    I guess they cannot ban me as a paying customer. :smiley:
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Posts: 27 Member
    new2Sec said:
    I check website. no president or ceo only gm. Only one security person. 20 web developers. How they work? one person support 15 courses and create new?
    I don't care, how many people are in ELS, till they create a good stuff. They did not.
  • SexyLemur Posts: 9 Member
    edited April 15
    Well I voiced my opinion. To be fair I focused on quantity like videos and labs because we were promised more and I felt like that was a valid complaint but yeah in regards to elearnsecurity, I will be focusing on red team certs. 
  • SexyLemur Posts: 9 Member
    Those emails that you all posted about amount of labs being the same as the ecppt was one of the biggest reasons why I bought this course and they advertised that they would have "hours of videos" and only had 1 video. Like come on now man. That's false advertisement.