Free Professional Pen Testing Security Workshop

Static M.e.

I was quite impressed I havent seen any of the tools in use before, just read alot about them, so to see them in action was good.

Many Thanks to New Horizons and Wayne.

wind00ze

Im still a bit unsure on how well recognized the CPTS is.
Basically im wondering is it worth the 2500 euros to do the course.
Im sure you learn alot doing the course, buts its still a lot of money.

vinks

it was a mild disappointment for me, but i guess the session was an introductory one with a specific market in mind.

i would have been more interested in seeing how one would manage several hundred machines in a coherent and secure manner (rolling out updates, maintaining authentication systems and the such with common practices)

the session felt very windows centric, but dont most systems store their data on unix backends these days if they want to be competitive and to be able to scale up?

Cake Fiend

This was pretty much as I expected, and I'd support something like this again. It's easy to slag off the lack of technical demonstration etc, but bear in mind that the security pros in the room were outnumbered by the suits and vaguely-interested lesser nerds. You can't expect low-level discussion at a seminar like that (unfortunately, we weren't really shown whether the full course would be different or not...)

I can't say I learnt anything new personally (and tbh, I was a bit unsure about taking a course from someone who didn't know how to restart windows explorer ), but at least people are going to the effort to spread the word to the corporate-types about the importance in security. I was surprised to see how much interest there was from the corporate sector, I expected to see more 'got root?' tshirts and 2600 caps etc

2500 is a lot of money for an individual, but it's nothing to a business for which knowledgeable security staff is important. If I were to think about paying for the course myself though, I'd need to know a lot more about it! Bear in mind though, many certification exams can be taken without doing the official course beforehand, I wonder if the CPTS is one? It would work out a lot cheaper to study on your own and just pay for the exam.

aerocell

There were a few interesting point's to which were brought up, I did learn one or two new things, so I suppose it wasnt a waste of time for me anyhow.
The fact that it was free was also a bonus.
Was kinda dissapointed with all the automated tools, would of liked to of seen compiling from a shell or the likes.
But all in all it wasnt a wated evening.
Looking forward to the link of the seminar that he done previous without the techinacl difficutlites.
Just my two cents.

romperstomper

Nothing is a waste of time if you learn even one new thing IMO
One disappointment for me is that I went to the course pondering whether we should invest time and money in the couse and I'm afraid I left without knowing how indepth the workshop would be, so if it was a sales pitch it failed in that regard. However as a wakeup call on the vulnerability of systems and the speed at which exploits were released it certainly succeeded and I would be interested in attending future seminars.

Shad0r

wind00ze wrote:

Im still a bit unsure on how well recognized the CPTS is.
Basically im wondering is it worth the 2500 euros to do the course.
Im sure you learn alot doing the course, buts its still a lot of money.

This type of certification (i.e. a security one) seems to be a fairly new concept to Ireland but this cert is fast becoming an industry standard. I heard for example the other day that if you have Security+, CPTS and CPTE that the American Army will give you a job that pays around $150k p.a.

Personally I'd be as quick to take a job offer from Satan as I would from the American military, not to mention that that is hearsay (allbeit from a reliable source) but still it does make you wonder what the private sector payscale is for this kind of work, with all the certificates.

NutJob

Shad0r wrote:

This type of certification (i.e. a security one) seems to be a fairly new concept to Ireland but this cert is fast becoming an industry standard. I heard for example the other day that if you have Security+, CPTS and CPTE that the American Army will give you a job that pays around $150k p.a.

Personally I'd be as quick to take a job offer from Satan as I would from the American military, not to mention that that is hearsay (allbeit from a reliable source) but still it does make you wonder what the private sector payscale is for this kind of work, with all the certificates.

I work for satan shes a good employer.:)


Quick question has anyone recieved that e-mail/voucher/video link ?



Seriously i couldnt find cpts in irish jobs but i could find pen testing positions/security admin

CPTS:
http://www.irishjobs.ie/showresults.aspx?IsProvince=1&MatchPerc=40&Ranking=&Roles=&Recruiter=Both&Category=3&Location=0&KEYWORDS=CPTS&I7.x=18&I7.y=10

pen-test:
http://www.irishjobs.ie/showresults.aspx?IsProvince=1&MatchPerc=40&Ranking=&Roles=&Recruiter=Both&Category=3&Location=0&KEYWORDS=penetration+testing&I7.x=0&I7.y=0


http://www.irishjobs.ie/JobDesc.asp?ID=2206504&MID=1797
http://www.irishjobs.ie/JobDesc.asp?ID=2206394&MID=1797
http://www.irishjobs.ie/JobDesc.asp?ID=2204016&MID=824 (ECDL Required ??):eek::eek:


Salery scale makes it look attractive but ... needs further investigation

hmmm

Those 3 irishjobs.ie links are I believe the same job.

Knowing who we are talking about, I'd expect they'd be less interested in CEH/CPTS/any other makey uppey penetration testing certs and more interested in MCSE/CCNA/CISSP/CISA/years experience in IT/audit experience/how presentable you will be in front of management.

Shad0r

I had a quick look at Monster.ie earlier and there were loads of Information Security jobs coming in at the 45k - 60k mark.

Also with regard to the CPTS cert, if they werent familiar with it, you could always ask them if they would like you to prove that their network had security concerns and that you are the right man/woman to fix them!

Shad0r

Sh!t, forgot to say about that email/voucher/video link, they havent gone out yet...well, actually a mail has been sent afaik, but the video link hasnt been released to New Horizons yet.

The winner of a Free seat at the next CPTS course is due to be picked tomorrow to the best of my knowledge.

hmmm

Shad0r wrote:

Also with regard to the CPTS cert, if they werent familiar with it, you could always ask them if they would like you to prove that their network had security concerns and that you are the right man/woman to fix them!

Good idea! If I was interviewing people for a security job, I'd definitely allow random candidates to have a go at hacking my network. Sure, why don't I see whether they have the skills to cope with a disaster recovery situation by setting fire to my server room.

Static M.e.

Sure, why don't I see whether they have the skills to cope with a disaster recovery situation by setting fire to my server room.

Excellent

Shad0r

hmmm wrote:

Sure, why don't I see whether they have the skills to cope with a disaster recovery situation by setting fire to my server room.

rofl yeah thats the spirit. What could possibly go wrong!?

scojones

Will something like this be happening again?

Static M.e.

Also what happened to the Video link we were meant to receive?

NutJob

Static M.e. wrote:

Also what happened to the Video link we were meant to receive?

Thought is was just me and the spam filter again. Did recieve a phone call and cource info. Ne to the video

Shad0r

Sorry guys, the powers that be decided to give the video to us on CD instead of online. :rolleyes:

I'm compiling a list of interested people to post it out to atm, so if you want me to send you a CD, then email me your name and address to neil.sisson[_(a t)_]newhorizons.com

Static M.e.

Thanks Neil.

Appreciate the effort.

the_syco

hmmm wrote:

Good idea! If I was interviewing people for a security job, I'd definitely allow random candidates to have a go at hacking my network.

Or, tell them of a problem which you know exists, as an off-hand example.