PaulDotCom mailing list archives
Re: Career Advice
From: Michael Allen <sector876 () gmail com>
Date: Fri, 22 Mar 2013 13:36:02 -0500
I have taken both. The first obvious difference is the price. Offsec courses are a LOT cheaper than SANS. That said, both courses compliment each other quite well. As mentioned earlier Offsec is very practical and focuses primarily on attack. SANS on the other hand also focuses on offensive techniques but also touches on the business aspects of a pentest. So you cover things like establishing scope, rules of engagement applicable laws etc. One other notable difference is the support structure. With Offsec you are on your OWN. Yes, there is the IRC forum but the majority of the time you will be on your own. Contrast that against SANS. If for example you are doing GPEN via onDemand then you have access to an online tutor etc. For a better feel of the differences check out the reviews on ethicalhacker.net. Several threads over there address this issue. Regards, Michael aka @_dark_knight_ On Thu, Mar 21, 2013 at 8:17 AM, Brian Seel <brian.seel () gmail com> wrote:
I am proud to say that I am working on setting up a blog (want to do it with Dango instead of using a plug and play blog to hopefully work on my Web knowledge which is in adequate). Thanks yo you guys for motivating me to do that. I am taking sans 560 this week (found out my employer had an extra seat and jumped on it). How does that compare to the Os course? On Mar 21, 2013 8:16 AM, "Dan" <xxsegfaultxx () gmail com> wrote:One thing that I can't recommend enough is the training from Offensive Security. The reason I like this training/cert is that not only do you learn the tools and techniques of how to conduct a pen test, you also need to show it in a practical exam. This also includes the most important element of pen testing…the reporting. You could be the most elite kernel hacker but if you can't document findings to a variety of people (technical and non techicanl) you've wasted a lot of time. http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ On Feb 23, 2013, at 12:07 AM, Brian Seel <brian.seel () gmail com> wrote:Note: I am trying to keep this email vague so it is generic forposterity's sake. I am trying to not make the question specific to my situation so others can use your advice.========= So long time listener (pre Ep 100) who has been doing computer securityrelated things for the last four years or so since college. I would really like to break into the pentesting arena, but I really like my current day job for a variety of reasons (pay definitely not being one of them).Basically, I would really like to do commercial pentesting on a parttime basis, where I take a week or two off from my day job every few months and try to gain experience in the commercial realm and get my feet wet with a different way of approaching computer security. Within the next year I would love to leave my day job and do pentesting full time, but I dont feel confident enough just yet. As a bit of background, right now I am doing some Metasploit dev for my employer, but I am not able to do an end to end pentest.My question is if you have any advice about the best way to try to geta part time pentesting job. I am not under any illusion that trying to do pentesting part time is not going to be an easy sell. I know that, but I think my unique skill set will make *someone* want to take a flier on me. But, considering that most of you are probably pentesters, or in fields closely related, what would make you want to take someone on in a part time basis. Or is there really no case where you would consider that?_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Michael Allen| Security Consultant CEH, OSCP, GPEN, GWAPT, GCIA
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Re: Career Advice, (continued)
- Re: Career Advice gold flake (Feb 25)
- Re: Career Advice Brian Seel (Feb 25)
- Re: Career Advice yersinia (Feb 25)
- Re: Career Advice Bill Swearingen (Mar 23)
- Re: Career Advice Brian Seel (Mar 24)
- Re: Career Advice Kevin Shaw (Feb 25)
- Re: Career Advice Brian Seel (Mar 21)
- Re: Career Advice Dan (Mar 22)
- Re: Career Advice Michael Allen (Mar 22)
- Re: Career Advice Michael D. Wood (Mar 24)