Dailydave mailing list archives
Re: Information security certifications diversity and getting lost
From: "Andre Gironda" <andreg () gmail com>
Date: Tue, 11 Sep 2007 11:06:06 -0500
On 9/11/07, Jason Alexander <jalexander () plus net> wrote:
I think a lot of the answers on this thread seem to concentrate on pen testing knowledge and techniques
Not exactly, but you're on the right track. Dave and others have a fixation on buffer overflows and "breaking code(s)". Some people simply feel that they are the best in the world at "security" because their hex knowledge goes the deepest. It's a penis-size matching contest that is actually worse than having the letters CISSP on your business card (although I admit that I'm a poser/wannabe in both these categories of snobbery/elitism). Besides, with specific regard to pen-testing: a full vulnerability assessment is best done by looking at other softer aspects - such as code reviews, strategy consulting around how software is purchased/built/integrated, incident response, threat-modeling, and http://en.wikipedia.org/wiki/Certified_Social_Engineering_Prevention_Specialist (just to throw that in there to see what reactions I get). When and if I get a CISSP, I'm going to make the letters "CISSP" my entire business card. You'll be able to punch out the letters (like you can remove the lockpicks from Mitnick's card), they'll be made out of fuzzy material with magnets on the back, and the cardback will be scratch and sniff. dre _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: Information security certifications diversity, (continued)
- Re: Information security certifications diversity Lindley James R (Sep 10)
- Re: Information security certifications diversity andgetting lost Weston, David (Sep 10)
- Re: Information security certifications diversity andgetting lost nnp (Sep 10)
- Re: Information security certifications diversity andgetting lost Paul Wouters (Sep 11)
- Re: Information security certifications diversity andgetting lost matthew wollenweber (Sep 11)
- Re: Information security certifications diversity and getting lost Kristian Erik Hermansen (Sep 10)
- Re: Information security certifications diversity and getting lost Darren Spruell (Sep 10)
- Re: Information security certifications diversity and getting lost Thomas Ptacek (Sep 10)
- Re: Information security certifications diversity and getting lost Bruce Ediger (Sep 10)
- Re: Information security certifications diversity and getting lost Jason Alexander (Sep 11)
- Re: Information security certifications diversity and getting lost Andre Gironda (Sep 11)