Penetration Testing mailing list archives
Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer
From: "Nathan Sportsman" <nsportsman () gmail com>
Date: Mon, 31 Jul 2006 16:03:52 -0500
All of my fellow peers who have graduated with a B.Sc. in Computer Science or Electrical Engineering from a reputable school have had no problems finding positions at top tier companies with or without experience or certifications. However, the majority of us did have an interest in security and had voluntarily tied ourselves to various projects over the course of our undergraduate education. Whether is was as a contributor to an open source project, a frequent poster to bugtraq, or an officer of the local ieee com chapter, we all had a way to demonstrate our abilities technically and back it up. Experience can come from a number of places and its up to you to show it. This is especially true when you a recent graduate. In the end your involvement in the community will speak for itself. That coupled with an ability to breeze through any technical interview should be more than enough to get you in the door of that first job (or at least it was for my peers and I). As for the CISSP, I took this certification a couple of years ago and thought it was a complete joke. I thumbed through the material of one of those prep books for a few hours the day before the exam and was able to pass it no problem (its multiple choice by the way). Also if you do have a degree that counts as one year of experience, so now you only need another 3 years before you can take it. You could probably pass it now though, it is not a difficult test. Anyone who says otherwise is selling something, a nontechnical manager/hr rep, or not very bright. That being said, I do still include this on my resume for padding purposes as some jobs will not consider you unless you are certified. However, as mentioned on this list that will only get you through the HR recruiter. Once the interview moves on to second phase and you meet with the technical lead of the group, this certification will hold little to no value. What will count is your expertise and experience which will be ascertained then. This also all really depends on what you want to do. The research and development community probably places the least value on certifications whereas consulting and services probably places the highest value on certifications. Thanks Nathan Sportsman On 7/31/06, Marc Munk <marc () pungloppen dk> wrote:
I'm facing the same problem as you do. I'v been looking into difference sans certifications because they don't require experience but they do give some hands on lab work at the training. Not to mention the possibility to take a gold level cert. by writing an assignment. But I don't have any security certs or experience in the area. -----Original Message----- From: ankur jindal [mailto:ankurjn113 () hotmail com] Sent: 31. juli 2006 05:53 To: pen-test () securityfocus com Subject: Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer Hey everyone I am a fresh graduate just out of school with no industry experience of security, just academic work. I am looking for security work but almost all the positions in the pen-test area require n years of experience or a certification. Unless I start work in the security field and actually experience how things work I do not get the prereq experience to deserve the certification as per most. But again if I get a certification without any experience then that doesn't help either for others. What should I gather from this discussion then? Ankur ---------------- >Not true. Certification can provide those lacking experience to show >ability and be an asset to an >organization in that particular field. So it >can show credibility where no experience exists. People >already do this >now looking to switch job descriptions, need to learn a specific aspect of >a job, seek to >enhance current ability, or to improve their marketability >for new jobs. ------------------------------------------------------------------------ ------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------ ------ ------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
------------------------------------------------------------------------------ This List Sponsored by: CenzicConcerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------
Current thread:
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE), (continued)
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE) Shahin Ansari (Jul 27)
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE) David Cross (Jul 27)
- Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE) Syv Ritch (Jul 27)
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE) Strand, John (Mission Systems) (Jul 29)
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE) R. DuFresne (Jul 29)
- Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer v3.1 (FREEWARE) Pete Herzog (Jul 30)
- Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer ankur jindal (Jul 31)
- RE: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer Marc Munk (Jul 31)
- Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer Michal Merta (Jul 31)
- Re: Hacker Stories, Certs, vs Projects - Was Re: Technitium MAC Address Changer Nathan Sportsman (Jul 31)