eLearnSecurity - IHRPv1 - Incident Handling and Response

Comments

  • Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    Just went through the first 2 labs of IHRP v1 - looks pretty good and neat!
  • u1tras OSCP, eCTHP Moscow Member Posts: 81 ■■■□□□□□□□
    Nice to hear it @Skyyyyy2001. What I'm thinking of is that we have to see 4 new modules till Jan 11. Will eLS release it?
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • chrisone Senior Member Member Posts: 1,964 ■■■■■■■■□□
    On January 3rd they released 2 labs that correspond to the study modules that were originally released. So that was the update for that week. I suppose late January is the next update and will include 2 new modules for study modules.

    I guess the following formula makes sense:
    release updates (modules) for study
    release updates (labs) for the released study modules
    Certs: CISSP, CRTP, eCPPT, LFCS, CEH, AZ-900, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (in-progress), Corelan: Advanced Exploit Development
    Certs: VHL: Advanced+ (completed), OSCP (in-progress), SLAE32, OSCE, AZ-500
  • Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    My personal thoughts are: if you have already signed up for THP or are GCIH certified, then don't go for IHRP. Otherwise, just sign up and go for it.
  • chrisone Senior Member Member Posts: 1,964 ■■■■■■■■□□
    edited January 2019
    Skyyyyy2001 said:
    My personal thoughts are: if you have already signed up for THP or are GCIH certified, then don't go for IHRP. Otherwise, just sign up and go for it.
    How did you like the THP course? Also how long did you study for the GCIH exam and did you take the SEC504 course?
    Certs: CISSP, CRTP, eCPPT, LFCS, CEH, AZ-900, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (in-progress), Corelan: Advanced Exploit Development
    Certs: VHL: Advanced+ (completed), OSCP (in-progress), SLAE32, OSCE, AZ-500
  • Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    chrisone said:
    My personal thoughts are: if you have already signed up for THP or are GCIH certified, then don't go for IHRP. Otherwise, just sign up and go for it.
    How did you like the THP course? Also how long did you study for the GCIH exam and did you take the SEC504 course?
    I didn't take both THP and GCIH. This info is what I have gathered from other forums. 
  • chrisone Senior Member Member Posts: 1,964 ■■■■■■■■□□
    chrisone said:
    My personal thoughts are: if you have already signed up for THP or are GCIH certified, then don't go for IHRP. Otherwise, just sign up and go for it.
    How did you like the THP course? Also how long did you study for the GCIH exam and did you take the SEC504 course?
    I didn't take both THP and GCIH. This info is what I have gathered from other forums.
    Oh ok, I understand it was your personal thoughts, not personal experience.
    Certs: CISSP, CRTP, eCPPT, LFCS, CEH, AZ-900, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (in-progress), Corelan: Advanced Exploit Development
    Certs: VHL: Advanced+ (completed), OSCP (in-progress), SLAE32, OSCE, AZ-500
  • r3nzsec Member Posts: 39 ■■■□□□□□□□
    How are you IHRP folks? Have you tried some labs? I saw up to Lab 4 were uploaded in our account. Let me hear your thoughts.
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    r3nzsec said:
    How are you IHRP folks? Have you tried some labs? I saw up to Lab 4 were uploaded in our account. Let me hear your thoughts.
    Suricata topic... seems nice. Gotta check it. Looking forward to more reading materials.
  • r3nzsec Member Posts: 39 ■■■□□□□□□□
    edited February 2019
    r3nzsec said:
    How are you IHRP folks? Have you tried some labs? I saw up to Lab 4 were uploaded in our account. Let me hear your thoughts.
    Suricata topic... seems nice. Gotta check it. Looking forward to more reading materials.
    Thanks @SleepyLCTL

    I found this Suricata in some JDs like in Google, Facebook? Can't remember but one of them needs to have at least the knowledge of it. So I think this will be a great advantage for us as well for someone new to this. I am also waiting for the additional reading as well in video resources.

  • Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    Guess Suricata is good in its way and if we figure out how to use it that would be a great skillset to have.
  • u1tras OSCP, eCTHP Moscow Member Posts: 81 ■■■□□□□□□□
    This course from AND looks pretty nice for those who are interested in Suricata:
    https://www.networkdefense.io/library/intrusion-detection-with-suricata/about/
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • triplea SSCP, MCP, MCTS, MSDST, Sec+, ITIL-Fv3, CCA, eJPT UK Member Posts: 179 ■■■□□□□□□□
    Fingers crossed it's in this year's training budget.
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    So, it seems that final content was finally revealed. And I have to say, that at the moment I am disappointed. From the beginning I was mostly interested in SOC 3.0 Operations and the content I got... is ****. I was expecting interesting theory about SOC and its operations :expressionless: and got... list of SIEM queries...
    • Module 1: Zero Value;
    • Module 2: Good, some info regarding Win logs, zero about Linux logs, zero about general logs - proxies, FWs, AVs... nothing about where to get logs... at least high level;
    • Module 3: **** load of Splunk/ELK queries, which could have been added as resource - however no background
    • Module 4: 23 damn slides... where they do one joke example
    I am pissed off, disappointed and whatever. From this chapter I expected the most, and I got around 20-40 garbage slides per module.

    I am not talking about the facts, they promised similar lab workload like in PTP - 30 labs, here are approx. 10 labs. Also no videos, so far I went thru Incident Handling - no damn value, when I read NIST Incident Handling - I learned more. Traffic analysis - shitty, and SOC 3.0 ... as above. Also no videos.

    Today, when I see, it's released I was excited - plenty of reading for next few months. As I finished section SOC 3.0 in like half hour... probably not for few months... I was expecting a lot, I got few slides of garbage.

    So my thoughts, they promised a lot, they delivered ****, videos are missing, slides - the most bragging part sucks and seems not teaching me anything worth the money, labs - I don't want to rate. Price - big. I do not recommend. I hope they ... add like 300 slides to SOC 3.0... because this is joke. Seriously, 20 slides is joke.
  • securityorc Member Posts: 52 ■■■□□□□□□□
    Wow..following your post I checked out the course forums and what I saw supports your opinion..1 video for the "best course on incident response"?! There are plenty of unhappy people and the instructor gives canned answers and literally dismisses the negative feedback (which is well-earned) by saying that there are other questions to answer in the forums. And his reply to your post on the forums..just wow.

    My expectations for this course just went through the floor..I will start going through it and update with opinions, but this just cements my bad experience with eLS, which I will review soon. Suffice it to say, I won't buy any other course from them.
  • r3nzsec Member Posts: 39 ■■■□□□□□□□
    SleepyLCTL said:
    So, it seems that final content was finally revealed. And I have to say, that at the moment I am disappointed. From the beginning I was mostly interested in SOC 3.0 Operations and the content I got... is ****. I was expecting interesting theory about SOC and its operations :expressionless: and got... list of SIEM queries...
    • Module 1: Zero Value;
    • Module 2: Good, some info regarding Win logs, zero about Linux logs, zero about general logs - proxies, FWs, AVs... nothing about where to get logs... at least high level;
    • Module 3: **** load of Splunk/ELK queries, which could have been added as resource - however no background
    • Module 4: 23 damn slides... where they do one joke example
    I am pissed off, disappointed and whatever. From this chapter I expected the most, and I got around 20-40 garbage slides per module.

    I am not talking about the facts, they promised similar lab workload like in PTP - 30 labs, here are approx. 10 labs. Also no videos, so far I went thru Incident Handling - no damn value, when I read NIST Incident Handling - I learned more. Traffic analysis - shitty, and SOC 3.0 ... as above. Also no videos.

    Today, when I see, it's released I was excited - plenty of reading for next few months. As I finished section SOC 3.0 in like half hour... probably not for few months... I was expecting a lot, I got few slides of garbage.

    So my thoughts, they promised a lot, they delivered ****, videos are missing, slides - the most bragging part sucks and seems not teaching me anything worth the money, labs - I don't want to rate. Price - big. I do not recommend. I hope they ... add like 300 slides to SOC 3.0... because this is joke. Seriously, 20 slides is joke.
    It seems that they've probably rushed this course just to meet the deadline and ****. I'm kinda disappointed too. And I'm also looking for more videos but we only got one :( Sad
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    I don't believe, they can afford getting such a reputation here. We (Sec Guys) are kinda IT geeks and I guess majority of their potential customers might check this forum before making a purchase. They have to act upon this. If they don't, their reputation will go rock bottom. I asked for refund. I mean, the price of the course is approx. 1,3 of average salary in my country. They have to deliver damn good stuff for that - no matter they try to be "cheaper and better" than SANS.
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    I just posted a comparison of PTP v4 and IHRP v1 to the forum.

    Long story short,
    • PTP v4 with Ruby = over 5500 slides! 
    • IHRP v1 = over 1200 slides!

  • u1tras OSCP, eCTHP Moscow Member Posts: 81 ■■■□□□□□□□
    edited April 2019
    So, guys, I'm completely disappointed too(( They promised a lot and we had to get one of the best IR courses. But, it's a really weak course. eLS also promised about 30 Labs (like in PTP), but released only 8. I agree with @r3nzsec, seems like they just rushed this course just to meet the deadline and totally forgot about its quality.
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • u1tras OSCP, eCTHP Moscow Member Posts: 81 ■■■□□□□□□□
    SleepyLCTL said:
    I don't believe, they can afford getting such a reputation here. We (Sec Guys) are kinda IT geeks and I guess majority of their potential customers might check this forum before making a purchase. They have to act upon this. If they don't, their reputation will go rock bottom. I asked for refund. I mean, the price of the course is approx. 1,3 of average salary in my country. They have to deliver damn good stuff for that - no matter they try to be "cheaper and better" than SANS.
    I'm going to ask for refund too. Where did you write them?
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    Guys... In order to get somewhere, please make some noise. Please comment my topic on ELS as well, give it more traction. So far I am the only one basically, if you write there as well, we can maybe push them a bit harder. I asked support, they ignored it. I will ask again. But please, add few comments to my thread if you are disappointed as well. https://community.elearnsecurity.com/topic/6762-soc-30-section-and-its-content/ Once you join the party, they have to either lock the thread or react. Let the resistance rise! I am awaiting your comments.
  • u1tras OSCP, eCTHP Moscow Member Posts: 81 ■■■□□□□□□□
    "Practical Incident Handling" section of the course contains 0(!) labs. It should be renamed as "Theoretical IH". SOC 3.0 section contains only 2 labs (for Splunk and ELK). That definitely isn't enough.
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    Well, there are some related labs in different sections, however please write down your thoughts to the official forum. Here is no use.
  • new2Sec Member Posts: 24 ■■□□□□□□□□
    I heard els forum they locked posts that criticize.
      
    Is true Demitrus write:
    1) "The course is actually being used to train intermediate SOC analysts in large" on a course that hasn't been completely released yet?
    2) "Since everything we wanted was covered, unfortunately I can't spend more time on this. Locking the thread..."

    Note to self, never buy els course "sight unseen." New business model: You buy course, we partially make it terrible.

    2018 I pass PTS PTP they good.  I want course succeed it look good. So far, only reach suck, but they do it best. They need try harder. 
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    edited April 2019
    They will maybe lock it, however if we do not "spam" them, nothing will change. ... I am willing to create threads till my refund.
  • new2Sec Member Posts: 24 ■■□□□□□□□□
    I check website. no president or ceo only gm. Only one security person. 20 web developers. How they work? one person support 15 courses and create new?
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    I guess they cannot ban me as a paying customer. :smiley:
  • SleepyLCTL eCPTT, CCNA CyberOps, Pentest+ Member Posts: 27 ■■■□□□□□□□
    new2Sec said:
    I check website. no president or ceo only gm. Only one security person. 20 web developers. How they work? one person support 15 courses and create new?
    I don't care, how many people are in ELS, till they create a good stuff. They did not.
  • SexyLemur Member Posts: 9 ■■□□□□□□□□
    edited April 2019
    Well I voiced my opinion. To be fair I focused on quantity like videos and labs because we were promised more and I felt like that was a valid complaint but yeah in regards to elearnsecurity, I will be focusing on red team certs. 
  • SexyLemur Member Posts: 9 ■■□□□□□□□□
    Those emails that you all posted about amount of labs being the same as the ecppt was one of the biggest reasons why I bought this course and they advertised that they would have "hours of videos" and only had 1 video. Like come on now man. That's false advertisement.