Was there a primary motivator for selecting SANS?
The customer that I work for required that I take at least 2 SANS course during my first year working for them – After experiencing how great the course where, I have pushed both the customer and my own company to send me to as many SANS courses as possible
What problem(s) are you trying to solve with SANS Training?
Lack of personnel with specific in-depth knowledge on topics covered in my courses.
What impact were these problems having on your organisation/team?
When the customer where in a situation where these skills where needed, they would not have enough personnel with the knowledge required to handle the situations correctly, which in worst case would lead to a compromise that severely damaged to customers organization.
Why/When was the decision made to implement new training and select these SANS Courses?
The reason that’s SANS was chosen was due to the fact the security industry considers it the best, most up-to-date, hands-on cybersecurity training available.
What specific results were achieved? Any metrics you can share? Any numbers illustrating the before and after?
As a result of my SANS training, I’ve gained a much deeper technical understanding on many relevant topics within cybersecurity, like forensics, Incident response, threat hunting, and network analytics. I use this knowledge every day to improve the client’s security posture, and I’ve also been able to share a lot of my knowledge with my co-workers, thus raising the overall quality of the costumer’s security team.
What roadblocks or issues did SANS Training help you solve?
Before SANS I had almost no experience with real-life malicious cases of hacking/cyber-attacks. Now that I have attended a few SANS classes, I’ve gained first-hand experience working on actual security breaches. Now I am much better prepared to both identify and handle these types of situations in my customers organization.
What features or parts of the SANS training were of the greatest use/most valuable? How?
The most valuable features have definitely been the day-6 challenges. I learned some much from spending a whole day applying everything that I learned during the course-week on a brand-new case/incident, without the instructor guiding me through it. It’s both exiting, stressful and fun!
What were some lessons learned from the experiences? Any best practices you’d suggest for others that will participate in future runs?
Expect to be overwhelmed by knowledge. No one can possibly understand and learn everything you go through during the course week, but you will have plenty of time to go through it again at our own pace after the course, when/if you are studying for the GIAC exam – which I highly recommend. I usual learn just as much reading/practicing on my own after the course as I do during.