ageoffri writes: I'm going to be able to take one, or maybe two, training courses next year and starting to figure out what would be a good course to take. While I'm not 100% sold on the concept of certs as the be-all and end-all of demonstrating knowledge and more importantly application of that knowledge, if someone else is going to pay for them I figure, Why not? Right now I'm leaning towards classes that have certs associated with them since HR drones look for letters. I also wouldn't mind a class that is just fun and interesting even if it isn't directly applicable to what I do currently. My short list is: CCSP by Training Camp (SEC503); Intrusion Detection In-Depth by SANS (GPPA cert); SEC504: Hacker Tools, Techniques, Exploits and Incident Handling (GCIH cert); and SEC550: Active Defense, Offensive Countermeasures and Cyber Deception (no cert). The first two directly apply to my day to day job. The third one just looks like fun, while the last one is also fun sounding, but I doubt I'd have much opportunity to put the skills to use. I'm curious what others here are thinking about for future training and other options to consider. I already have my CISSP, along with an MS in Information Assurance, so the two obvious choices are finished.