Penetration Testing mailing list archives
RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer
From: "Marc Munk" <marc () pungloppen dk>
Date: Tue, 1 Aug 2006 00:31:27 +0200
At he looks of it atm i'v has been lucky enough to a given a chance to get in to one of the biggest consulting houses here in Denmark. I count on this to give me some much needed experience with the everyday network work. Which I imagine would be needed as a security consultant. I might add that pen-testing isn't one of the area's I'm hoping to work with. But I do expect that I'll have to do some of that. The areas I would like to work with are perimeter security and wireless security. And the forensics area sounds pretty interesting as well. -----Original Message----- From: Nathan Sportsman [mailto:nsportsman () gmail com] Sent: 31. juli 2006 23:13 To: Marc Munk Cc: ajindal () alumni cmu edu; pen-test () securityfocus com Subject: Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer All of my fellow peers who have graduated with a B.Sc. in Computer Science or Electrical Engineering from a reputable school have had no problems finding positions at top tier companies with or without experience or certifications. However, the majority of us did have an interest in security and had voluntarily tied ourselves to various projects over the course of our undergraduate education. Whether it was as a contributor to an open source project, a frequent poster to bugtraq, or an officer of the local ieee com chapter, we all had a way to demonstrate our abilities technically and back it up. Experience can come from a number of places and its up to you to show it. This is especially true when you are a recent graduate. In the end your involvement in the community will speak for itself. That coupled with an ability to breeze through any technical interview should be more than enough to get you in the door of that first job (or at least it was for my peers and I). As for the CISSP, I took this certification a couple of years ago and thought it was a complete joke. I thumbed through the material of one of those prep books for a few hours the day before the exam and was able to pass it no problem (its multiple choice by the way). Also if you do have a degree that counts as one year of experience, so now you only need another 3 years before you can take it. You could probably pass it now though, it is not a difficult test. Anyone who says otherwise is selling something, a nontechnical manager/hr rep, or not very bright. That being said, I do still include this on my resume for padding purposes as some jobs will not consider you unless you are certified. However, as mentioned on this list that will only get you through the HR recruiter. Once the interview moves on to second phase and you meet with the technical lead of the group, this certification will hold little to no value. What will count is your expertise and experience which will be ascertained then. This also all really depends on what you want to do. The research and development community probably places the least value on certifications whereas consulting and services probably places the highest value on certifications. Thanks Nathan Sportsman
------------------------------------------------------------------------
------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue
to
rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------
------
------------------------------------------------------------------------ ------
This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's
Choice Award from eWeek. As attacks through web applications continue
to rise,
you need to proactively protect your applications from hackers. Cenzic
has the
most comprehensive solutions to meet your application security
penetration
testing and vulnerability management needs. You have an option to go
with a
managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service
can
help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm
your
results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------ ------
------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer Marc Munk (Jul 31)