Interview with ELearnSecurity
We handled an interview with one of the famous security courses suppliers worldwide to expose the real nature and experience of the materials and content provided by eLearnSecurity.
Can you please introduce yourself to security kaizen magazine readers?
i’m the CEO and founder of eLearnSecurity, Italian, living in Dubai.
Prior to founding eLearnSecurity I’ve been involved in a number of security assessments for private and public companies and I’ve spent many years on web application security research, which has always been my area of interest in IT Security.
Can you give us a quick overview about eLearnSecurity? How it all was started and what brought You the idea?
ELearnSecurity has been founded in 2010 in Italy.
At that time I felt there was so much to improve and innovate in the IT Security training field that, given mine and my team experience and passion for the field, not giving it a shot was a waste.
Back then, me and other three renowned IT Security professionals joined forces to create a comprehensive training course on Penetration testing, the Penetration Testing course Professional, aka PTP.
Releasing a new training course, being a completely unknown company, was quite a challenge.However it immediately gained press and stellar reviews from our students.
From there we expanded our offerings to other areas such as Web Application Security, Reverse Engineering and Mobile Security.
Today eLearnSecurity has clients in Fortune100, students from over 127 countries, offices in USA, Europe and Middle East and a team of talented professionals that doubles in number every year.
Why did you choose the online model for providing your courses instead of the normal face to face style?
The online model, when done properly, is not only the future of training but also an opportunity during the slow economy years we have been through in the past 5 years.
Then let’s face it: the 5 days, 40 hours training, answers business needs more than rationality.
No one will ever learn in a classroom as much as with an online course, with such a heavy load in such a short time.
Not to mention that topics like Penetration testing are so complex that a teacher will hardly be able to convey theory along with practical sessions in only 40 hours.
There certainly is a demand for classroom training but result is another story.
So we decided to create a self-paced model where the student is provided with the course material in a handy dashboard, a proven path to follow and all the time required to study. We then allow students to interact with the instructor through forums in case they need further explanations.
Moreover with on-demand labs, there’s plenty of time and flexibility to absorb the complex topics that we teach.
What is the most unique thing eLearnSecurity courses offer other than the other providers?
ELearnSecurity has never been a mere content production company.
From day 1 we always focused our attention on how we could transfer practical skills between two persons effectively, by means of e-learning. We knew we had to do much more than just writing slides or recording videos.
The way we achieved this goal is with the sophisticated virtual labs that we created: Coliseum, Hera and Hack.me. These are the most advanced virtual labs you will find on the subject.
Coliseum allows to instantiate many different vulnerable web applications on the fly, within a sandboxed environment that ensures safe and exclusive access per user.Hera is a complex virtual lab in which you can spawn always new and diversified scenarios comprising networks, servers and workstations. Once again isolated and dedicated for each user.
Both labs run on powerful datacenters using best of breed virtualization technology and we are now implementing these technologies for government bodies and corporations around the world.
We have a R&D team that I believe no other training company in this field has, in number, budget and talent. In fact, 50% of our team doesn’t work on what we are offering today. It’s working on what we’ll be offering in 2-3 years.
All the readers can have a taste of Coliseum technology by using Hack.me https://hack.me which is the only community driven, virtual lab on web application security. And it comes for free.
What challenges do you face as a new security services provider in the market?
The market understands the value in our offering and doesn’t consider us new anymore.
The main challenge for us is to continue to innovate while we are on such a high growth trajectory.
How do you face the challenge of Accreditation and certification especially when you face competitors with strong history like EC- Council and Sans Institute ?
Market understands the difference between certifications obtained by answering quizzes and certifications obtained by performing a 100% practical exam. All our exams are practical. There is no way you can assess the proficiency of an IT Security professional by means of multiple choices quizzes.
Our certified professionals not only have to perform an exam that recreates a real world pentest or assessment, but they also have to provide a commercial grade report.
Professionals or Employers who hold our certifications know the value in their hands and do not really care about strong, or in some cases just long history in the field.
Having that said, accreditation is important for us and it’s certainly something you would see coming in the near future.
Among your provided courses, which are the most popular?
The most popular course so far is our WAPT: “Web Application Penetration Testing course”.
Our newly launched MASPT, “Mobile Application Security and Penetration Testing” course has also gained a lot of interest by the community.
What is the range of prices for your courses and do you provide discounts for students?
Thanks to the automation and extreme attention to efficiency we manage to keep our costs down and we pass this advantage to our students providing courses from $399 to $999.
How do you make sure that the course content is effective and comprehensive?
We undergo long and cyclic reviews of our contents before and after a release.
Before we release we invite researchers and professionals to review and provide feedback on our contents.
After we release, we rely upon our students’ feedback to tweak and add more contents or better coverage when necessary.
Recently, you opened an office in Dubai, How do you see the potential in the Middle East Region?
Middle East is an exploding market for IT Security in general, where e-learning is still probably less widespread compared to other areas of the world. However we have witnessed an increased demand for our training even before we opened an office in Dubai.
The investment we received from Middle East investment funds acknowledges our quality and innovative approach and will let us bring to market always better and more specialized offerings for governments, companies and individuals in this region.