Dailydave mailing list archives
Re: Fwd: Re: Security Expert Certificates
From: Peter Wood <peterw () firstbase co uk>
Date: Thu, 01 Apr 2004 12:55:03 +0100
Hi >Aaaww c'mon, I thought it was pretty clear I wasn't *that* serious. The >point is I think you're probably not a good forensics engineer without >knowing how to take unknown stuff apart, which requires some assembly skills >you'd also need for exploit construction. Fair comment. You're right. >On a similar note, I'm tired of the approach of IDS being some sort of >automated alerting tool which just rings a bell when something bad happens. >IDS are expert tools and will always be, and you won't be able to verify and >make any substantial comments on what happened if you don't know how an >exploit works.Yeah. I absolutely agree with this. In fact IDS as a waste of space is one of my hobby horses.
>I totally agree on the target audience bit, of course, with regards to the >actual contents of the paper. Only thing is I believe we've all had our >share of people who think they can ignore the backgrounds of technology >(while discussing technical issues) since they have such an excellent view >of the "big picture". Maybe I'm just a frustrated security consultant, but I >see that all the time, and those people are fairly often the ones who also >flunk big time when it comes to, erm, higher-level securtiy questions. True. >Of course you need to convince management and the like. However, I think >knowing what you're talking about, even if you abstract it so Mr Suit will >grok it, surely helps the cause. I just don't think anybody needs another >Gartner group report on either IDS or forensics. Okay, that's spot on too. >> PS No CISSP yet but 35 years as an engineer and a techie so far ;-) > >I'm actually planning on getting it now, for very pragmatic reasons - I'm >getting divorced and have to pay alimentation... Oooh, I sympathise with that too. Expensive and unpleasant. >Cheers, really, really, no offense intended..... and none taken I assure you. I talked to a chum of mine who's a recruitment specialist yesterday and he says CISSP is losing respect in UK as it's seen as "a mile wide and an inch deep".
Thanks for such a thoughtful reply. I apologise if I sounded upset in my initial response - I really wasn't.
cheers Pete --------------------------------------------------------------------------------------------------------------------------------*** Come and visit our stand number 614 at Infosecurity, Olympia, 27th-29th April *** *** Free Tickets available from: http://www.fbtechies.co.uk/exhibitions.shtml ***
-------------------------------------------------------------------------------------------------------------------------------- Peter Wood FBCS CITP MIMIS MIEEE Chief of Operations First Base Technologies +44 (0)1273 454525 www.fbtechies.co.uk www.white-hats.co.uk _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Fwd: Re: Security Expert Certificates Peter Wood (Apr 01)