SANS San Diego was enjoyable. The food was good, the training wore me out and flying first class is always fun. I took the Auditing course. It was a good introduction, some interesting firewall testing, web app auditing, Windows and Unix auditing. Many in the classes were disappointed with the depth. If you’re an auditor trying to get some hands on technical experience, then it’s a good week of training. If you’re highly technical and trying to get an auditing introduction and framework, you’ll probably be disappointed with about half of the days.
The “What’s new for security in Windows Vista” one day course was worth every penny. Jason Fossen was, as always, an excellent instructor, and I learned all kinds of new things about Vista’s security that I have not read anywhere else. He really has some sort of inside track with some developers or something to get this kind of knowledge.
A couple of weeks after my return I took the exams to become a GIAC Systems and Network Auditor. Now I have another GIAC certification.