I've never taken a single SANS course, so i cannot compare but i can tell you this. The Offensive Security course is practical. It requires you to connect to labs and practice your skills. Also the exam consists of a series of hosts you must exploit within a 24 hour period. There are not multiple choice questions here.
This is then followed up with a report of your findings. If the report isn't detailed enough, you can fail. On Mar 21, 2013, at 9:17 AM, Brian Seel <[email protected]> wrote: > I am proud to say that I am working on setting up a blog (want to do it with > Dango instead of using a plug and play blog to hopefully work on my Web > knowledge which is in adequate). Thanks yo you guys for motivating me to do > that. > > I am taking sans 560 this week (found out my employer had an extra seat and > jumped on it). How does that compare to the Os course? > > On Mar 21, 2013 8:16 AM, "Dan" <[email protected]> wrote: > One thing that I can't recommend enough is the training from Offensive > Security. The reason I like this training/cert is that not only do you learn > the tools and techniques of how to conduct a pen test, you also need to show > it in a practical exam. > > This also includes the most important element of pen testing…the reporting. > You could be the most elite kernel hacker but if you can't document findings > to a variety of people (technical and non techicanl) you've wasted a lot of > time. > > http://www.offensive-security.com/information-security-training/penetration-testing-with-backtrack/ > > > > > On Feb 23, 2013, at 12:07 AM, Brian Seel <[email protected]> wrote: > > > Note: I am trying to keep this email vague so it is generic for posterity's > > sake. I am trying to not make the question specific to my situation so > > others can use your advice. > > > > ========= > > > > So long time listener (pre Ep 100) who has been doing computer security > > related things for the last four years or so since college. I would really > > like to break into the pentesting arena, but I really like my current day > > job for a variety of reasons (pay definitely not being one of them). > > > > Basically, I would really like to do commercial pentesting on a part time > > basis, where I take a week or two off from my day job every few months and > > try to gain experience in the commercial realm and get my feet wet with a > > different way of approaching computer security. Within the next year I > > would love to leave my day job and do pentesting full time, but I dont feel > > confident enough just yet. As a bit of background, right now I am doing > > some Metasploit dev for my employer, but I am not able to do an end to end > > pentest. > > > > My question is if you have any advice about the best way to try to get a > > part time pentesting job. I am not under any illusion that trying to do > > pentesting part time is not going to be an easy sell. I know that, but I > > think my unique skill set will make *someone* want to take a flier on me. > > But, considering that most of you are probably pentesters, or in fields > > closely related, what would make you want to take someone on in a part time > > basis. Or is there really no case where you would consider that? > > _______________________________________________ > > Pauldotcom mailing list > > [email protected] > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > > Main Web Site: http://pauldotcom.com > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
