Secure Coding mailing list archives

RE: certification for engineers/developers?

From: "Goertzel Karen" <goertzel_karen () bah com>
Date: Wed, 23 Mar 2005 03:44:25 +0000

ISC(2), which sponsors the CISSP, co-developed with NSA a CISSP
Concentration called the ISSEP - Information Systems Security
Engineering Professional. The focus is really on the National Security
Agency's way of doing systems security engineering, as reflected in the
SSE-CMM methodology, and in the DITSCAP and DIACAP certification
processes. If you do work with the Intelligence Community, it may be
worth considering. For more info:

https://www.isc2.org/cgi-bin/content.cgi?category=3D523

In the commercial space, an organization called the EC-Council (EC for
"e-commerce" not "European Community") is now offering two security
certifications specifically for software developers:  EC-Council
Certified Secure Programmer (ECSP) and Certified Secure Application
Developer (CSAD). I know nothing about the EC-Council, or how much value
or recognition these two certifications have or will get in future, but
it is interesting that someone has FINALLY come up with certifications
specifically addressing Software Assurance. For more info, check out:

http://www.eccouncil.org/ecsp/

--
Karen Mercedes Goertzel, CISSP
Booz Allen Hamilton
703-902-6981
[EMAIL PROTECTED]

Current thread:

certification for engineers/developers? j eric townsend (Mar 22)
- RE: certification for engineers/developers? Edward Rohwer (Mar 22)
- Re: certification for engineers/developers? Crispin Cowan (Mar 24)
  - RE: certification for engineers/developers? Yousef Syed (Mar 24)
    - RE: certification for engineers/developers? ljknews (Mar 24)
  - Re: certification for engineers/developers? Joe Teff (Mar 24)
- <Possible follow-ups>
- RE: certification for engineers/developers? Goertzel Karen (Mar 22)
- RE: certification for engineers/developers? Andrew Rucker Jones (Mar 23)
- RE: certification for engineers/developers? Jeremy Epstein (Mar 23)