Would you recommend SANS Institute security training? What are the advantages/disadvantages of this training compared to other methods?
SANS is one of the leading security training organizations, though many VARs and independent organizations also offer training. The SANS approach is usually to offer week-long "conferences," which consist of a number of different courses and tracks to provide a comprehensive view of several security disciplines.
A lot of the advantages/disadvantages depend on whether a certification at the end of the process is necessary. If so, SANS is a fine choice because it provides some of the most highly respected certifications, many of which require completion of a variety of their courses.
Likewise, to get a CISSP designation, a CISSP "boot camp" is a good option because it's built specifically to cover the content on the test. For training on a specific product, many of the products' vendors themselves offer training and an associated certification.
Ultimately the decision on which path to pursue depends on the type of accomplishment or training experience required to meet one's long-term career goals.
This was first published in August 2008