Re: Recommended training course?

["Johannes B. Ullrich" <jullrich () sans org>]

/* disclaimer: I work for SANS */

Take a look at http://www.sans.org. Plenty of courses to choose from. I will not comment on quality as I work for them. 
Essentially all of them include hands on exercises and can be taken live or online. I will gladly provide more 
information off-list.

Most security courses (ours included) require some understanding of the underlying operating system and technology. For 
example, in order to understand SQL injection, you first need to know how SQL "works". If you are new to this all, it 
may be better to start with a more introductory course, or do some learning on your own to get yourself ready.





----- Original Message -----
From: "Jimmy Liang" <staufj22 () yahoo com>
To: webappsec () securityfocus com
Sent: Sunday, July 13, 2008 1:18:00 AM GMT -05:00 US/Canada Eastern
Subject: Recommended training course?

Hello,

I’m looking at expanding my security knowledge and am looking for recommendations on training courses. I’ve had a few 
years of Windows and Solaris admin experience managing 30 or so 24/7 systems, and minimal web application development. 
I know the basic concept of SQL injection and CRLF injection, but wouldn’t know how to actually apply it in real life.

I’ve been looking at the Foundstone courses, specifically, the “Ultimate Hacking: Expert” course. This is mainly 
because the regular “Ultimate Hacking” and “Ultimate Web Hacking” courses are not offered in my area any time soon. I’m 
a little concerned that the course description says that advanced Unix and Windows knowledge is required… What does 
advanced mean?

Anyone else have other recommendations on classes? I learn best with hands on training with a live instructor.

Any recommendations is greatly appreciated.

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------


-- 
SANSFIRE 2008 - Washington DC; 42 courses, July 22-31; http://www.sans.org/info/26174

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------