Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OSCP

From: Craig Wilson <cwilson () ppilearning com>
Date: Wed, 17 Dec 2008 06:45:21 +0000
Of course it is just paper, no different from OSCP.  In any profession there will those who are not wholly competent.


----- Original Message -----
From: listbounce () securityfocus com <listbounce () securityfocus com>
To: christopher.riley () r-it at <christopher.riley () r-it at>
Cc: andreg () gmail com <andreg () gmail com>; arivas () hyphensolutions com <arivas () hyphensolutions com>; 
listbounce () securityfocus com <listbounce () securityfocus com>; pen-test () securityfocus com <pen-test () 
securityfocus com>; pen-test-return-1078487582 () securityfocus com <pen-test-return-1078487582 () securityfocus com>
Sent: Tue Dec 16 20:47:23 2008
Subject: Re: OSCP

I have seen this same problem so often it just eats me. I know a company
that had a test done by Earnest and Young in Nairobi, and the only
vulnerability that was found is the zone file transfer, and the guys are
CISSP certified, so whenever we meet with my fellow group of pentester
we laugh at it, saying,"u are vulnerable to dig!" Secondly u will see
employers, like a company called Safaricom employing CISSP, and the
other day i watched one of them trying to figure out how a SQLi really
works.

I think CISSP is just a paper. But business is always business.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: