Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: CISSP-ISSMP
From: Pete Herzog <lists () isecom org>
Date: Wed, 10 May 2006 10:38:13 +0200

Hi,

So having the cert doesn't
make you good, and doesn't prove to anyone that you have experience or

I think the problem is the cause and effect. Having a cert does not make you good. But being good should be able to get you a cert provided that what the cert tests is valid for application in the industry.

And you can't generalize on certifications as being all the same. Just to throw this out there but have you looked at the ISECOM certifications? With this certification, ISECOM has shown itself to be a lot different- with tests based on applied ability and resourcefulness rather than just knowledge alone. For example, both the Professional Security Tester (OPST) and Professional Security Analyst (OPSA) certification exams are open book exams because knowledge alone will not help you pass and in the real world, the ability to use reference materials properly, including the internet, are an important part of security work. Now these certs are not for everyone but they do prove a level of competence in having proper analysis skills or understanding the security of interactions at a low level (see www.opsa.org and www.opst.org for more info). I know a lot of companies who use the certification for vetting existing employees and new hires as to being able to hit the ground running upon hiring, especially if the work experience is small or questionable.

Sincerely,
-pete.

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]