Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE)
From: "Graves, Jamie" <j.graves () napier ac uk>
Date: Thu, 27 Jul 2006 12:15:44 +0100

Hello,

Funny that this should come up; Bruce Schneier covers this to a certain
degree in the following article:

http://informationsecurity.techtarget.com/magLogin/1,291245,sid42_gci119
6098,00.html

- Jamie

-----Original Message-----
From: Robert E. Lee [mailto:robert () dyadsecurity com] 
Sent: 27 July 2006 11:40
To: shreyas () technitium com
Cc: shreyasonline () yahoo com; slamboy () gmail com;
pen-test () securityfocus com
Subject: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC
Address Changer v3.1 (FREEWARE)

The "practical application" portion of the CISCO CCIE certification is
why organizations can trust the CCIE job applicant can serve a useful
cisco networking function in their organization. Any certification that
fails to measure the candidates actual ability to perform a useful
function in the subject of the certification is useless (ala CEH, CISSP,
CISA, CISM, which can all be passed with 0 years of experience). To the
best of my knowledge about the current infosec certs, ISECOM's OPST
(www.opst.org) and OPSA (www.opsa.org) come the closest to fulfilling
the the practical measurement requirement. For what it's worth, we would
not consider hiring a candidate who advertised that they have a CEH
certification. 

If you want to stand out in an interview, perform a useful function that
your peers respect you for. Presenting your ideas at conferences or
contributing to computer security research papers and projects will get
you a lot more credibility in a job interview than "hacking stories" or
"hacker certifications".  There are a lot of projects to choose from.
If none of them excite you, start your own. ;)  

Robert

-- 
Robert E. Lee
Chief Information Officer
http://www.dyadsecurity.com
 
phone: (949) 394-2033
fax  : (949) 486-6601
email: robert () dyadsecurity com

------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's 
Choice Award from eWeek. As attacks through web applications continue to
rise, 
you need to proactively protect your applications from hackers. Cenzic
has the 
most comprehensive solutions to meet your application security
penetration 
testing and vulnerability management needs. You have an option to go
with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm
your 
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------

This message is intended for the addressee(s) only and should not be read, copied or disclosed to anyone else outwith 
the University without the permission of the sender.
It is your responsibility to ensure that this message and any attachments are scanned for viruses or other defects. 
Napier University does not accept liability for any loss
or damage which may result from this email or any attachment, or for errors or omissions arising after it was sent. 
Email is not a secure medium. Email entering the 
University's system is subject to routine monitoring and filtering by the University. 

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault