[WEB SECURITY] Certification CEH, CPT or SANS GIAC GPEN

Shyaam shyaam at gmail.com
Tue Jun 10 20:20:43 EDT 2008


I agree. SANS is "thee" best in the industry due to few reasons:
1. Quality (even when SANS is open book, they are hard for everyone)
2. Legacy (it has been there since the beginning of infosec)
3. Materials (The materials provided for a 6 day course is equivalent of
what someone would find for an entire semester, since people who have some
interest in it can expand on it. SANS materials gives links and related
sites to help their students expand on their skills).
4. SANS Gold Paper (Real research and people who has put in effort can only
publish in there).
5. Experience (You dont gain just book skills, you get more of corporate
related kind of experience if you work on their practicles)
6. Networking (SANS is so networked as people from different parts of the
world and different companies come and attend at different places).

There are various other reasons why SANS is better than the other certs.
Though, I DO NOT say that any cert is NOT worthy or is NOT good, as I do not
have enough experience to declare that.

If you are looking for a job in DoD, I heard that CEH or CNDA is considered,
though once again SANS is listed in the 8570 and also ANSI accredited. CEH
has a good way of putting their materials together too, since they have
always had good way of listing tools under specific category and stuff.
Though, once again I am not sure of how you could have an exact comparison,
since I haven't done CEH yet.

One thing is guaranteed for sure. No matter how many certs we do, it is the
hands-on and the experience that we put in, along with the hard work that
counts. SANS can only show you the way along with some hands-on techniques.
But to continue after that, research and go in-depth and stuff is all in
your hands.

Shyaam
www.linkedin.com/in/intrusion

On Tue, Jun 10, 2008 at 7:57 PM, Jenkinson, John P (SAIC) <
John.Jenkinson at bp.com> wrote:

> best is so subjective
> advantages to SANS in my opinion
> 1) very new course by a top researcher in the field
> 2) wide variety of delivery methods (self study, @home, conference,
> local mentor, etc)
> 3) every 4 years you can get an updated copy of the material by
> recertifying at nominal cost
>
> -----Original Message-----
> From: Katie Riley [mailto:luvelvis at gmail.com]
> Sent: Tuesday, June 10, 2008 2:44 PM
> To: websecurity at webappsec.org
> Subject: [WEB SECURITY] Certification CEH, CPT or SANS GIAC GPEN
>
>
> I am investigating courses that deal with application security,
> specifically looking courses offered by InfoSec (Ethical Hacking,
> Advanced Ethical Hacking, Penetration Testing, and Application Security)
>
> and by the SAN institute (Network Penetration Testing and Ethical
> Hacking).
>
> Each offer different certification opportunities, EC-Council CEH or SANS
>
> GIAC GPEN.  Does anybody have any advise to offer as to which
> certification is more widely recognized or considered best?
>
> Thanks in advance
>
>
> ------------------------------------------------------------------------
> ----
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20080610/315b2115/attachment.html>


More information about the websecurity mailing list