GPEN - My Personal Experience

Yesterday I successfully completed my GPEN certification, which was the elective I selected for the SANS Institute’s Applied Cybersecurity certificate program.

GPEN Badge

If you are looking to learn more about:

  • various attacks and methods used today both by penetration testers and attackers,
  • the penetration tester process,
  • or basic web application attacks

then this certification will be of benefit to you. I have taken a significant amount of certifications over the last few years (almost 20 in all), and I feel that this one was one of the most important ones I have earned so far.

I thoroughly enjoyed the course, as it contained a wide range of labs to gain hands on experience with a wide range of tools. I feel this is crucial today, as most certifications are just multiple choice and are missing this important factor. This shows to potential employers that you did not just pass a multiple choice test, but understood how the tools worked.

The last portion of the course invovles attacking a lab that hosts several virtual machines and requires working through several different steps and processes in order to attain all of the flags. It also requires backtracking to other machines once you have gained additional information. This entire lab experience seemed very realistic and I thoroughly enjoyed it. This also helped me learn the various stages of penetration tests inside and out as you had to go back and forth between phases throughout the process.

The videos and reading material were also very relevant and had been updated recently, which makes me highly encourage others who can to take this certification. While this is a significant expense, you can sign up for various courses and their associated certifications on the sans.edu website at a discounted rate for up to two certifications.

Overall, I enjoyed the certification so much, that I am planning on returning to take the SANS Master’s Degree program starting late this Fall.