[TriLUG] SANS Security certification
purvis at melete.org
Fri Jan 26 21:35:40 EST 2007
Byarlay, Wayne A. wrote:
> Greetings Triluggers, Midwest lurker here,
> Are any of you familiar with the SANS organization, and their various
> certifications? If so, what is your opinion?
Disclaimer: I've been involved with the SANS organization for a long
time (author, certification grader, attendee, although not instructor).
That out of the way, I like the SANS certifications. If you're looking
at security work, SANS are good technical certifications to have, and
they're starting to show up on more and more job listings alongside
longstanding certs like the CISSP. Having just been through the whole
job search process in security, I can tell you that the CISSP is still a
more valuable cert (especially in terms of money), but the SANS certs
will often get you through the "HR firewall" just as well, and more
employers are recognizing them these days as a plus.
The SANS courses tend to reflect more technical than theoretical
content, although they have a wealth of new certs now and have realigned
the GSEC curriculum to align perfectly with the CISSP domains (meaning
that taking the GSEC curriculum will typically prepare you decently well
for taking the CISSP as well). The CISSP tends to be described as an
inch deep and a mile wide, whereas the SANS individual curricula tend to
be just the opposite--perhaps a foot wide and a mile deep, as it were.
The certification process is easier than it used to be, as they're
trying to encourage growth, but it's nowhere near a cakewalk, so plan to
spend some time working on it after taking the course.
If you have specific questions about the certification process, what's
involved, the history of the certs, or more of my personal opinions on
the subject (so I don't bore everyone), I'd be happy to share them with
any interested offline--just drop me an email.
More information about the TriLUG