• To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!

What's the best training?

Matthew Jennings

Active member
  • Dec 19, 2022
    31
    27
    3,231
    My org budgets "premium" training opportunities for IS staff every-other year and this year it's my turn. I have a couple SANS certs (GCIH, GCPN) already and while I love SANS and think they're great, would really like to diversify my skill set.

    I've been looking into the possibility of training with other orgs like OffSec, Hack-the-Box, Arcanium, and Antisyphon (a personal favorite). I love HtB but feel like their certs might be too new for industry-wide recognition if I need to look for employment. I hear OffSec is fantastic but very difficult and that Arcanium is great training (but doesn't offer certs).

    For those who would start with "depends on what you're looking to do...", I am looking for a mix of great training and ideally would love to add a cert or more to my resume.

    I would love to get some advice from those who have experience training with those and/or other orgs please! What are your success or horror stories?
     
    • Like
    Reactions: Fanuel
    I would avoid any certifications from EC-Council, as they have gotten a less than stellar reputation in the industry.

    ISACA and ISC2 have great GRC, auditing, and management certifications.

    OffSec has the best red team certifications.

    CompTIA has the best introductory and intermediate certifications in the industry.
     
    My org budgets "premium" training opportunities for IS staff every-other year and this year it's my turn. I have a couple SANS certs (GCIH, GCPN) already and while I love SANS and think they're great, would really like to diversify my skill set.

    I've been looking into the possibility of training with other orgs like OffSec, Hack-the-Box, Arcanium, and Antisyphon (a personal favorite). I love HtB but feel like their certs might be too new for industry-wide recognition if I need to look for employment. I hear OffSec is fantastic but very difficult and that Arcanium is great training (but doesn't offer certs).

    For those who would start with "depends on what you're looking to do...", I am looking for a mix of great training and ideally would love to add a cert or more to my resume.

    I would love to get some advice from those who have experience training with those and/or other orgs please! What are your success or horror stories?
    Unless your going to get paid for it. I wouldn't recommend doing certifications "just because". If there is a company hiring a certain skill or your doing consulting and their required for a certain job. Ok, but just getting certs for the sake of it. It's a waste of money and time...time being the most important.
     
    Unless your going to get paid for it. I wouldn't recommend doing certifications "just because". If there is a company hiring a certain skill or your doing consulting and their required for a certain job. Ok, but just getting certs for the sake of it. It's a waste of money and time...time being the most important.
    Shea is sooo right here. Before picking up a new certification, you should consider how and when you'll need to recertify to maintain it.
     
    Shea is sooo right here. Before picking up a new certification, you should consider how and when you'll need to recertify to maintain it.
    I concur. I earned over 60 different certifications, mostly paid for by employers, because I thought it would help me in two ways:

    1. It would mean more certification exam courses I could teach. It turns out that some of them had zero demand for training.
    2. They would add to my overall body of knowledge. Honestly, I had the knowledge even without the certification for many of them.

    Figure out what you want to do and which certs will get you closer to that goal. All the rest are just distractions.

    --signed "a guy with 17 different CompTIA certifications and 10 stackable CompTIA certifications"
     
    • Love
    Reactions: Shea Bennett
    I concur. I earned over 60 different certifications, mostly paid for by employers, because I thought it would help me in two ways:

    1. It would mean more certification exam courses I could teach. It turns out that some of them had zero demand for training.
    2. They would add to my overall body of knowledge. Honestly, I had the knowledge even without the certification for many of them.

    Figure out what you want to do and which certs will get you closer to that goal. All the rest are just distractions.

    --signed "a guy with 17 different CompTIA certifications and 10 stackable CompTIA certifications"
    Exactly correct! I spend SO MANY YEARS when I first got into IT in 2007 playing certification Pac-Man only to realize that it was absolutely a waste of my time. I'm horrified how many VMware Certifications I focused on and the platform is mostly dead now.
     
    • Like
    Reactions: Gregory Childers
    Greatly appreciate everyone's advice on certs and their experience with their usefulness (or not). I've been in the field for many years and have only taken cert training/exams when a company will pay for them. I find they're useful when looking for different employment (e.g., advancement, change of responsibilities), but not much else beyond that. Although, as an architect who's constantly having the "why do I need to do this" type of arguments with leadership and non-security architects all the time, there is some value in being able to pull the "because this is what it says in the material for this cert that I have" card from time to time.

    I want to point out that my OP mentioned that I "would really like to diversify my skill set" and "am looking for a mix of great training and ideally would love to add a cert or more to my resume." The main goal is to identify good training; cert would be secondary (but nice to have if possible).

    Thanks all!