Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Security Expert Certificates

From: "Steve W. Manzuik" <steve () security-sensei com>
Date: Tue, 30 Mar 2004 10:30:27 -0700
Security is not just about writing the exploits.  It is, as you say, in
general knowing your shit about things in general.  I have met some very
smart people in my time in this industry, some can code exploits with their
eyes closed and hands broken and others who can't but at least can
understand the concepts.  I always get a kick out the people who make fun of
those who can't code -- coding isn't everything but it is a skill worth
having.

CISSP looks good for client and the CxO crowd that has no other benchmark to
judge someone by.


-----Original Message-----
From: dailydave-bounces () lists immunitysec com 
[mailto:dailydave-bounces () lists immunitysec com] On Behalf Of 
Rodney Thayer
Sent: Tuesday, March 30, 2004 10:09 AM
To: dailydave () lists immunitysec com
Subject: Re: [Dailydave] Security Expert Certificates

At 10:50 AM 3/30/2004 -0500, Anton A. Chuvakin wrote:


I'd hate to sound "cisspish", but looks like I am behind the 

times here.

Does the above mean  that security is _only_ about writing exploits?


If someone's only a CISSP and has no other apparent 
qualifications, I tend to not trust them near anything more 
IP-aware than a light bulb.  I don't think it's about 
exploits.  I think it's about whether you know jack shit 
about security or networking in general.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave



_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: