[WEB SECURITY] Certification CEH, CPT or SANS GIAC GPEN

Mark Roxberry mroxberr at msn.com
Wed Jun 11 12:39:49 EDT 2008 

Do the SANS certs have continuing education requirements (or recertification requirements)?   IMHO, I think that adds a lot of value to a certification (if one knows to verify someone's certification).  As long as its not vendor lock-in, this will at least challenge a cert holder to step out of their day-to-day role (or maybe not, it has for me).  CEH recently added a CPE requirement, so I think that is good.  I don't know SANS though.
 


Date: Tue, 10 Jun 2008 20:20:43 -0400From: shyaam at gmail.comTo: John.Jenkinson at bp.comCC: luvelvis at gmail.com; websecurity at webappsec.orgSubject: Re: [WEB SECURITY] Certification CEH, CPT or SANS GIAC GPENI agree. SANS is "thee" best in the industry due to few reasons:1. Quality (even when SANS is open book, they are hard for everyone)2. Legacy (it has been there since the beginning of infosec)3. Materials (The materials provided for a 6 day course is equivalent of what someone would find for an entire semester, since people who have some interest in it can expand on it. SANS materials gives links and related sites to help their students expand on their skills).4. SANS Gold Paper (Real research and people who has put in effort can only publish in there).5. Experience (You dont gain just book skills, you get more of corporate related kind of experience if you work on their practicles)6. Networking (SANS is so networked as people from different parts of the world and different companies come and attend at different places).There are various other reasons why SANS is better than the other certs. Though, I DO NOT say that any cert is NOT worthy or is NOT good, as I do not have enough experience to declare that.If you are looking for a job in DoD, I heard that CEH or CNDA is considered, though once again SANS is listed in the 8570 and also ANSI accredited. CEH has a good way of putting their materials together too, since they have always had good way of listing tools under specific category and stuff. Though, once again I am not sure of how you could have an exact comparison, since I haven't done CEH yet.One thing is guaranteed for sure. No matter how many certs we do, it is the hands-on and the experience that we put in, along with the hard work that counts. SANS can only show you the way along with some hands-on techniques. But to continue after that, research and go in-depth and stuff is all in your hands.Shyaamwww.linkedin.com/in/intrusion
On Tue, Jun 10, 2008 at 7:57 PM, Jenkinson, John P (SAIC) <John.Jenkinson at bp.com> wrote:
best is so subjectiveadvantages to SANS in my opinion1) very new course by a top researcher in the field2) wide variety of delivery methods (self study, @home, conference,local mentor, etc)3) every 4 years you can get an updated copy of the material byrecertifying at nominal cost


-----Original Message-----From: Katie Riley [mailto:luvelvis at gmail.com]Sent: Tuesday, June 10, 2008 2:44 PMTo: websecurity at webappsec.orgSubject: [WEB SECURITY] Certification CEH, CPT or SANS GIAC GPENI am investigating courses that deal with application security,specifically looking courses offered by InfoSec (Ethical Hacking,Advanced Ethical Hacking, Penetration Testing, and Application Security)and by the SAN institute (Network Penetration Testing and EthicalHacking).Each offer different certification opportunities, EC-Council CEH or SANSGIAC GPEN.  Does anybody have any advise to offer as to whichcertification is more widely recognized or considered best?Thanks in advance----------------------------------------------------------------------------Join us on IRC: irc.freenode.net #webappsecHave a question? Search The Web Security Mailing List Archives:http://www.webappsec.org/lists/websecurity/Subscribe via RSS:http://www.webappsec.org/rss/websecurity.rss [RSS Feed]Join WASC on LinkedInhttp://www.linkedin.com/e/gis/83336/4B20E4374DBA----------------------------------------------------------------------------Join us on IRC: irc.freenode.net #webappsecHave a question? Search The Web Security Mailing List Archives:http://www.webappsec.org/lists/websecurity/Subscribe via RSS:http://www.webappsec.org/rss/websecurity.rss [RSS Feed]Join WASC on LinkedInhttp://www.linkedin.com/e/gis/83336/4B20E4374DBA
_________________________________________________________________
Instantly invite friends from Facebook and other social networks to join you on Windows Live™ Messenger.
https://www.invite2messenger.net/im/?source=TXT_EML_WLH_InviteFriends
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20080611/19a99afa/attachment.html>

More information about the websecurity mailing list