Secure Coding mailing list archives
Darkreading: Secure Coding Certification
From: Jason.Bennett at thales-esecurity.com (Bennett, Jason)
Date: Wed, 16 May 2007 09:02:32 +0100
Lots of interesting points have been made about the SANS test in particular and multiple choice certifications in general. I think that this, and no I haven't seen the questions so I could be wide of the mark, are a pragmatic step in the right direction. I agree that while this sort of exam can be passed by someone who is almost clueless, or I think more accurately can remember facts but wouldn't be able to apply them to real world situations, experience is not the be all and end all - if this was the case we wouldn't still be seeing the same old mistakes being made time and time again! So until we have a better way of measuring knowledge, and I'm not convinced that will ever happen, this seems at least to be a good idea but certainly not ideal. Hopeful it will raise awareness of the subject and maybe even get people into the idea constant improvement throughout their career. In conclusion I think the original article made some good points but it is a bit harsh on what can realistically be achieved at this point it time. The certification should be seen a part of and not a substitute for what can only be learnt through experience, guidance and the one that always seems to be forgotten, keeping up with what is happening in the area of developing secure code. Consider the environment before printing this mail. "Thales e-Security Limited is incorporated in England and Wales with company registration number 2518805. Its registered office is located at 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Nr. Weybridge, Surrey KT15 2NX. The information contained in this e-mail is confidential. It may also be privileged. It is only intended for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee or the intended addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error please delete it (and all copies) from your system, please also inform us immediately on +44 (0)1844 201800 or email postmaster at thales-esecurity.com. Commercial matters detailed or referred to in this e-mail are subject to a written contract signed for and on behalf of Thales e-Security Limited".
Current thread:
- Darkreading: Secure Coding Certification, (continued)
- Darkreading: Secure Coding Certification pmeunier (May 15)
- Darkreading: Secure Coding Certification ljknews (May 12)
- Darkreading: Secure Coding Certification Steven M. Christey (May 14)
- Darkreading: Secure Coding Certification McGovern, James F (HTSC, IT) (May 14)
- Darkreading: Secure Coding Certification Greg Beeley (May 14)
- Darkreading: Secure Coding Certification ljknews (May 14)
- Darkreading: Secure Coding Certification Steven M. Christey (May 14)
- Darkreading: Secure Coding Certification ljknews (May 14)
- Darkreading: Secure Coding Certification Greg Beeley (May 14)
- Darkreading: Secure Coding Certification Steven M. Christey (May 14)
- FW: Darkreading: Secure Coding Certification Gary McGraw (May 15)
- Darkreading: Secure Coding Certification Bennett, Jason (May 16)
- Darkreading: Secure Coding Certification Gary McGraw (May 16)
- Darkreading: Secure Coding Certification McGovern, James F (HTSC, IT) (May 16)