Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

Are SANS certifications ACTUALLY worth it?

In short…. It depends

For starters you obviously need to consider if you are paying for it, or your company is. If your company is offering to cover the STAGGERING amount of money for the course I will generally say go for it. These certifications are highly regarded after all.

If you are paying for it yourself? Honestly… I usually lean towards no. Around 8 grand for a week course is a hefty price for anyone, and generally someone taking a certification is trying to maneuver into a new position or specialty. Not everyone in such a position is willing to make such an investment. But there is a way of knocking that cost down a bit though that is worth learning about.

You see SANS has a ‘Work Study’ program which has you effectively be a teacher’s assistant in exchange for a discounted rate on the course(2500 instead of that ~8 grand previously mentioned). This is a rather competitive program to be a part of, so you may have to apply a few times. But it is still something worth looking into, and while still expensive, it is certainly more affordable than the other avenue.

Read more about the SANS Work Study program HERE: Cyber Security Work Study | SANS Institute

Beyond the cost itself being rather limiting, there are SANS courses and the certifications from them that are simply not equal. You may get a much better return on investment depending on the course you choose.

I hold the GPEN certification, I was lucky enough to have the military pay for it close to when I was separating. That is the only reason I have it, and to be honest, in my opinion it is the reason I was able to get my first role afterwards as well. It created some talking points during my technical interview which I was able to speak well enough on to land the job. I was very fortunate in that situation and honestly I do not think it would have happened without it. But this certification also complimented my work experience as well, so it wasn’t just out of the blue that I took this course HOPING to specialize in something offensive. I admit I was rather set up to succeed here due to some of the risks I took in my career.

This isn’t the only certification that holds some weight. I hear very good things about the forensic SANS certifications(maybe I should say GIAC certifications because they are the certifying body and not SANS)offered currently. If you have any experience in this field and are looking to expand it a bit these may be something that can help do that for you.

The ‘GCIH’ certification also pops up on quite a few resumes I have noticed. Admittedly I haven’t spoken to anyone directly about their experiences with it but the frequency I see this as a desired qualification on jobs leads me to put it on this list here.

My own GPEN’s expiration is coming up in a couple years and I will probably take another course in an effort to renew GPEN + get a new certification. I am going between GCIH and GXPN. The GXPN is the advanced pen testing cert offered from SANS and may seem like an obvious choice given I took GPEN first. But I always like the idea of ‘being well rounded’ in this field. It certainly doesn’t hurt to understand how the other side operates, I can easily make the argument it will help my offensive skills further should I move into a Red Team role and need to utilize evasive techniques.

No certification you hold will ever guarantee you a job, they should serve to complement your work experience and build upon your skill set.

Don’t Click Links From Strangers,

Bryce

Bryce
Bryce
Articles: 26

Related Posts

Trending now

The ‘Shortage’ Facing CyberSecurity
Do you need a degree to get started in Cybersecurity?
Best Ways To Get Started in Cybersecurity
Are SANS certifications ACTUALLY worth it?