+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 26
  1. Junior Member
    Join Date
    Mar 2018
    Posts
    9
    #1

    Default Whats is the real value provided by SANS?

    Hi Everyone,
    I had in the past OSCP, CEH and CHFI training, all of them with a price range between 1000 $ to 2000 $...
    I think there are no trainings on the market give us an "expertise" just at the end of it, expertise comes with experience and practice.
    In my opinion a very good training must teach the underlying concepts, only on top of it I can build my knowledge and my expertise.
    So my question is: why a SANS training is almost 4k $ more expensive than others? Which is the reason behind it, what concepts do they provide than other don't do?
    Thanks
    G.
    Reply With Quote Quote  

  2. SS
  3. Senior Member shochan's Avatar
    Join Date
    Sep 2016
    Location
    AR
    Posts
    608

    Certifications
    A+, Network+, i-Net+, Novell CNA 5.0, MCP 70-210, Server+, Security+, Cloud+
    #2
    yeah, I have always wondered the same thing. It's like the Rolex version of certs.
    Last edited by shochan; 03-07-2018 at 01:32 PM.
    2018 goals -> PenTest+ Beta (awaiting results), CCNA CyberOps (DQ'd), Linux+ 103 (Aug), Linux+ 104 (Oct), CEH (Dec).
    Reply With Quote Quote  

  4. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,903

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #3
    The fact you get a chance to work directly with leaders in the industry as they help you learn and go through hands on labs is a pretty big plus. Just one of the reasons their live classes are much better than the "on-demand" option.

    Not that their "on-demand" courses aren't good... but they are pretty expensive for video courses. Probably why I won't ever take one. Unless my employer is down for paying for it of course.
    Reply With Quote Quote  

  5. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    197

    Certifications
    CISSP, GPEN, GWAPT, eJPT, CySA+
    #4
    These are my two cents..

    Being part of the work study program (discounted to $1100 is selected), I see where the value is. They do provide you access to people who are not only wrote the material, but live this stuff out with MANY years under their belt. The instructors are active in their respective fields and are an open book. Imagine having a mentor for a week. A lot of people do not take advantage of that part bc they do not want to seem like a groupie or that they do not want others to think they do not have it all figured out.

    The 6K price tag is extremely high in my opinion, I think 5k is the highest it should have gotten, but that is bc they are trying to have my companies pay for it and also to reduce class size. They use to have a handful of events in the past now they are running like three at a time about three times a month. The demand is high.

    Also what you do with the information makes all the difference with their courses. You can get by learning the book and having a good index (may not score really high) but you have to put in work to really learn it and prove that when you show up for the interviews.
    Completed: CISSP, GPEN, GWAPT, eJPT, CySA+, M.S. Information Security
    Current Goal: eCTHP (current)
    Five Year Plan:​ eCPPT (paused), RHCSA, CISM, OSCP, more SANS as they come
    Book/CBT/Study Material:​ eLearnSecurity Threat Hunting Professional / Web App Hacker Handbook
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    507

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE, CISSP
    #5
    The On-Demand is ridiculously expensive. They are the same price than the in-person training. Sure, I am saving on expense (hotel, meal, flight) if I am taking On-Demand, but you miss so much of the interaction with peers and trainer and that's where the value of SANS is.
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Mar 2018
    Posts
    9
    #6
    Quote Originally Posted by NetworkNewb View Post
    The fact you get a chance to work directly with leaders in the industry as they help you learn and go through hands on labs is a pretty big plus. Just one of the reasons their live classes are much better than the "on-demand" option.

    Not that their "on-demand" courses aren't good... but they are pretty expensive for video courses. Probably why I won't ever take one. Unless my employer is down for paying for it of course.
    so basically the 4k dollars more is because they support you on labs (and actually it is a big value) but only with live training.
    In terms of teaching underlying concepts it's not different from others.
    Thanks
    G.
    Reply With Quote Quote  

  8. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,903

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #7
    Right, but its not just support... You get to interact and talk with other fellow peers at other organizations who are the same area as you. You get extra sessions at each night during the week from the instructors that go over other topics. Some courses have an end of the week competition between everyone. Definitely will get more out of the live training.
    Reply With Quote Quote  

  9. Junior Member
    Join Date
    Mar 2018
    Posts
    9
    #8
    Quote Originally Posted by NetworkNewb View Post
    Right, but its not just support... You get to interact and talk with other fellow peers at other organizations who are the same area as you. You get extra sessions at each night during the week from the instructors that go over other topics. Some courses have an end of the week competition between everyone. Definitely will get more out of the live training.
    I want to give definitely high value to the interactions with instructors, as any other live course compared to online.
    Considering the cost of training, plus hotel, dinner, flights I don't think it's something for "private" person.
    If I have to pay the same price for on-demand I will go for the all-access pass in eLearnSecurity.
    G.
    Reply With Quote Quote  

  10. Reticulating splines... iBrokeIT's Avatar
    Join Date
    Jul 2013
    Location
    Twin Cities, MN
    Posts
    1,076

    Certifications
    GCIH, GSEC, VCAP5-DCA, VCP5-DCV, MCITP:EA, MCSA 2003/08
    #9
    Their target market is F500 employers and the DoD, not individuals paying out of pocket. Keep that in mind, plenty of other vendors to fill the later.

    Their primary training model is live instruction at regional conferences and they price their OnDemand bundle comparatively to support that model. Look how much it costs to take PwK live at BlackHat with OffSec, same ballpark as SANS training. Comparing CBT training to live training that get updated regularly is apples to oranges IMO.
    Reply With Quote Quote  

  11. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,903

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #10
    Quote Originally Posted by garbo77 View Post
    I don't think it's something for "private" person.
    Definitely not
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Jan 2015
    Location
    Chicago, IL
    Posts
    1,095

    Certifications
    Too many MCPs and MCTS, MCSA: Security, MCSE: Security, MCSA: 2003, 2008, 2012, MCITP: EA, CISSP-ISSAP, SCS DLP, GREM
    #11
    Agree, they are way overpriced. I'd give them a pass with their course prices if challenging the exam wasn't too high as well.

    Another thing I don't like is their exams are open book. Kind of casts some doubt on how good the test checks candidate's skills.

    But when the company pays and the course is interesting and there are no alternatives (like with GREM) -- I take it.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,382

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #12
    I just view the courses as being part of their Master's program not standalone certs. Its in the end product (a Master's) that has value. The individual certs, not so much as few organizations really understand them as valuable.

    Yes, I hold or have several retired SANS certifications stacked up in a rather heavy pile.

    - b/eads
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Dec 2015
    Location
    Philadelphia, PA
    Posts
    139

    Certifications
    GREM, GPEN, GCFA, GCIH, GSEC, GCIA, GCFE, CCNA Cyber Ops, ACE, MCSA
    #13
    I just wrote up some thoughts/notes for my management team regarding the value of SANS training over other training. I think the value of SANS training can be seen with their instructors, the material and the certifications. The instructors are all experts in their field that teach from real world experiences. They are not teaching out of a book. They are able answer any questions you may have and can give examples of how/when you would encounter a similar situation. The content is well laid out. They often provide you with a VM they built (SIFT) or one that is widely used in the field (REMnux). The certification requires you to read over and understand all the material from the class. I personally read all the books and do all the labs 3 times. I imagine most people do something similar. I prefer my team to go through this type of training/certification because I feel there is a better chance of retention. Unfortunately, as much as I value SANS training we may have to go another route because the prices are just too high. I even reached out to SANS to inquire about onsite training. I was surprised to find out if I host a SANS training event at my organization and all the students are employees from my company I do not save any money. They actually charge me 15% more. They said this is because they have a limited number of instructors and I would be taking one away from a big conference. If I had at least one person from another company I would not be charged the extra 15% and one of my employee's could attend the course at the facilitator rate.
    Reply With Quote Quote  

  15. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    935

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #14
    This is capitalism at work! SANS can charge whatever it wants. Sure there are a few certs out there similar to GSEC, GPEN, GWAPT, but the vast majority of SANS certs have literally zero competition in the training industry (by brand-name companies, at least). When you're literally the only company that trains people to do what they specifically need to do their job, and the consequences for a company of NOT having trained people who know what they need to get their job done is so catastrophic nowadays, you can charge whatever you want to. Considering they regularly have 100+ people attend sessions for their biggest certs (GCIH, GISSP, GSEC, etc) (do the $$$ profit math on those some day, btw), many people obviously feel the same way.

    OnDemand is actually a good choice to keep costs down. All-in including flight, hotel, rental car, food, parking, etc for a lot of their venues, you can get really close to the $10k mark for just one security class. Yet they sell out all the time!
    Reply With Quote Quote  

  16. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    6,129

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #15
    Quote Originally Posted by quogue66 View Post
    ...The instructors are all experts in their field that teach from real world experiences. They are not teaching out of a book. They are able answer any questions you may have and can give examples of how/when you would encounter a similar situation...
    Let me speak to this since i drink the SANS Kool-aid, although through Work Study only. I've been through too much training throughout my 20 years in IT where the instructor recites off the official book and can't answer anything ouside of that. As recent as a couple of weeks ago I went through a fairly expensive (almost SANS levle) official Cisco class where the instructor could not answer at least 80% of the questions that the group brought up. That is just plain demoralizing. It felt like 100% wsated time. This stuff would NEVER happen with SANS.

    Also, I fail to see why On-Demand is virtually the same price as the live class. At this point you are commoditizing the course so logic tells you price should be lower. Oh well. When I requested a quote I was also surprised to know that the on-site option had the 15% premium added and it required a minimum of 25 students. One on-site class basically becomes a $165k expense.

    Lesson learned: SANS has a money printing press and it's Adam Smith's invisible hand at its finest. Seems to be working great for them so zero need to change anything.
    Reply With Quote Quote  

  17. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,691
    Blog Entries
    50

    Certifications
    CISSP, SSCP, CEH (revoked), GSEC, EnCE, CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #16
    Quote Originally Posted by cyberguypr View Post
    Also, I fail to see why On-Demand is virtually the same price as the live class. At this point you are commoditizing the course so logic tells you price should be lower.
    There is no reason to offer on-demand training more inexpensively until sufficient numbers of attendees are no longer willing to attend the live training.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  18. Senior Member shochan's Avatar
    Join Date
    Sep 2016
    Location
    AR
    Posts
    608

    Certifications
    A+, Network+, i-Net+, Novell CNA 5.0, MCP 70-210, Server+, Security+, Cloud+
    #17
    Quote Originally Posted by cyberguypr View Post
    Let me speak to this since i drink the SANS Kool-aid, although through Work Study only. I've been through too much training throughout my 20 years in IT where the instructor recites off the official book and can't answer anything ouside of that. As recent as a couple of weeks ago I went through a fairly expensive (almost SANS levle) official Cisco class where the instructor could not answer at least 80% of the questions that the group brought up. That is just plain demoralizing. It felt like 100% wsated time. This stuff would NEVER happen with SANS.

    Also, I fail to see why On-Demand is virtually the same price as the live class. At this point you are commoditizing the course so logic tells you price should be lower. Oh well. When I requested a quote I was also surprised to know that the on-site option had the 15% premium added and it required a minimum of 25 students. One on-site class basically becomes a $165k expense.

    Lesson learned: SANS has a money printing press and it's Adam Smith's invisible hand at its finest. Seems to be working great for them so zero need to change anything.

    Gimmie some of that KOOL AID mane! LOL

    https://www.youtube.com/watch?v=nBeUGqeYsQg
    2018 goals -> PenTest+ Beta (awaiting results), CCNA CyberOps (DQ'd), Linux+ 103 (Aug), Linux+ 104 (Oct), CEH (Dec).
    Reply With Quote Quote  

  19. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,564

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #18
    I remember spending 30 days at a vendor's training, doing all sorts of hands-on...for FREE, with expert instructors....the good old days

    SANS has no competitor yet, when eLearnSecurity, Offensive Security, and other competitors step up their game,,,then maybe.


    If your company pays for SANS...take it!
    Goal: MBA, March 2020
    Reply With Quote Quote  

  20. Reticulating splines... iBrokeIT's Avatar
    Join Date
    Jul 2013
    Location
    Twin Cities, MN
    Posts
    1,076

    Certifications
    GCIH, GSEC, VCAP5-DCA, VCP5-DCV, MCITP:EA, MCSA 2003/08
    #19
    Quote Originally Posted by UnixGuy View Post
    SANS has no competitor yet, when ...Offensive Security...
    Not true, Offensive Security teaches 3 classes at Black Hat every year and they sell out within days. Look at PwK: https://www.blackhat.com/us-18/train...ali-linux.html

    $4400 for four days which is $1100 per day (which doesn't even include the course materials, lab or exam)... roughly in line with SANS.
    Reply With Quote Quote  

  21. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,564

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #20
    @iBrokeIT: sure, but SANS teaches everywhere in the world....companies outside the US rarely sponsor people to go BlackHat.

    Sucks though, if they're going in par with SANS prices....eLearnSecurity have been releasing new certs lately..so hopefully they can compete.


    Sure SANS is great at marketing (so is CISSP folks!), but if I can get the knowledge elsewhere cheaper and then rack up work experience I'll take it..
    Goal: MBA, March 2020
    Reply With Quote Quote  

  22. Completely Clueless TechGromit's Avatar
    Join Date
    Oct 2015
    Location
    Ontario, NY
    Posts
    1,618

    Certifications
    A+, Network +, Sanity+ (Revoked), GSEC, GCIH, GREM
    #21
    While SANS training is very good, the competition is beginning to catch up. The DoD Approved 8570 Baseline certifications were once almost entirely GIAC Certifications, with the exception of a few CompTIA's + and CISSP. Now more than half of the accepted certifications are not GIAC certs, Cisco, ISACA, EC-Council, all are on the accepted list. This indicates to me SANS doesn't hold the certification monopoly it once had. I'm sure these certs will filter down the the Fortune 500 companies as acceptable, if not desirable certifications as well. I believe in a few years SANS will have to adjust there pricing accordingly, I think there profit margins are wide enough they can easily reduce there prices $1,000+ and still made a good profit.
    Still searching for the corner in a round room.
    Reply With Quote Quote  

  23. Reticulating splines... iBrokeIT's Avatar
    Join Date
    Jul 2013
    Location
    Twin Cities, MN
    Posts
    1,076

    Certifications
    GCIH, GSEC, VCAP5-DCA, VCP5-DCV, MCITP:EA, MCSA 2003/08
    #22
    @UnixGuy The market rate for live Info Sec training with a reputable brand appears to be around the $1100 mark, not just SANS as I showed you. They also have BlackHat Asia but again, similar prices: https://www.blackhat.com/asia-18/tra...loitation-9364

    If you feel you can get the same or better ROI from a CBT vendor then great! I personally have bought three eLearnSecurity courses and hope they become more well known because they are an excellent value.

    Just my observation:
    SANS is primarily a live training company and everything else is a distant second to support that model. At each of three conferences I've attended in the last few years they mention that their yearly attendance keeps going up (along with their prices) due to the demand. Given that, why would they go after the low budget crowd with a cheaper OnDemand bundle that would significantly take away from their primary training model? Doesn't make sense from a business perspective and expecting any different from them would be setting yourself up for disappointment.
    Last edited by iBrokeIT; 03-07-2018 at 11:50 PM.
    Reply With Quote Quote  

  24. Senior Member cshkuru's Avatar
    Join Date
    Jul 2011
    Location
    Vancouver, WA
    Posts
    195

    Certifications
    My puny list of certifications made me feel inadequate so now you have to guess :-)
    #23
    There is actually a business opportunity here. There is nothing magical about the SANS model. They Identify a need for a cerain set of skills and they develop training around it. The value is from the people who serve as the SMEs and Instructors. This is something that could be replicated and in my opinion improved upon. There is a company named TTI that does the same sort of thing for specialized electrical and mechanical engineering courses, https://ttiedu.com/course_list, but they go it one better, in my opinion, by offering their classes at a fixed location. That makes it possible to take a couple courses in a row if you need to. They also give a price break (or at least they used too if you were taking 2 or more classes in a row). If someone did something similar and offered on going lab access for 4 months or so after the class I think they would have a winning solution that could dethrone SANS.
    Reply With Quote Quote  

  25. Senior Member
    Join Date
    Apr 2013
    Posts
    2,052
    #24
    There is some competition in the pen testing area as others mentioned, elearn, offsec, etc. For a lot of the blue team courses they teach I don't know of any/many vendor neutral courses for things like IR or forensics. Some vendor courses can be as much per day, but typically aren't as long, I can take a 3 day Cisco course for 3K, but when I got and put in a proposal for training 3K sounds a lot lower than almost 6K+, even though SANS might run twice as long and provide more value.
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    147

    Certifications
    OSCP, OSWP, CISSP, CCNA Cyber Ops, Sec+
    #25
    With the in-person training, you get to network with fellow students in your class, other students nearby at the bar or NetWars, and access to instructors. Especially in security (and offense), no one knows half what we want to know, and being able to bounce something off peers with those skills/knowledge is a huge deal. Do you need SANS to do that? No, but it forces lots of like-minded people together. It's very collegiate-like, in that regard.
    -------------------------------------------------------
    Security Engineer/Analyst/Geek, Pen Testing
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks