WebApp Sec mailing list archives
Re: RE: RE: Notes from CISSP class with Dr. Eric Cole
From: f_kenisky () earthlink net
Date: 12 Oct 2005 12:40:30 -0000
Hummmm... Interesting but it's not funny if you have to explain the punch line. I'm not trying to be mean or ridicule your comment. I will try to explain. About four years ago MS began to realize that secure coding was important. This after years of trial and error. They (MS) never really gave "security" much thought. Then after being proded by the industry they decided to go in the direction of "secure coding" without any more knowledge and they did before. They hired someone with vast knowledge in a field unrelated to 'infosec' and put them incharge of 'secure coding'. This isn't considered in any security course (if you paid attention in class) the correct method of doing things. (Please don't take this as a direct slam at your lack of MS knowledge but more like a Discovery Channel Special). Then because of industry pressure MS decides to offer a MS 'Security' Certification. Hummmm... Interesting that they don't think someone holding a CISSP, CISA or a CISM is qualified to teach MS Security. So the logic behind this knee jerk reaction to the industry is that MS knows how it "WANTS" to do security not how the industry demands it should be done. Of course, I'm only providing you the punch line so you can get the joke don't take this personally. What I find interesting is that if you've ever taken a SANS security course in the beginning. (And I mean with SANS first started out before it ever offered the "G" certifications.) the people offering the classes had "0" certification. Stephen Northcutt, Alan Pallard and many others who are currently teaching classes. Now what made them have the knowledge to create the "G" certifications and how could they have taught CISSP classes without a CISSP? But you don't see the humor in the fact that MS required someone to be MS "security" certified before it could teach one of it's classes. Now that's funny! Frank Kenisky IV, CISSP, CISA, CISM Information Systems Security Specialist
Current thread:
- Re: Re: Notes from CISSP class with Dr. Eric Cole, (continued)
- Re: Re: Notes from CISSP class with Dr. Eric Cole f_kenisky (Oct 11)
- Re: RE: Notes from CISSP class with Dr. Eric Cole f_kenisky (Oct 11)
- RE: RE: Notes from CISSP class with Dr. Eric Cole Craig Wright (Oct 12)
- RE: Notes from CISSP class with Dr. Eric Cole PPowenski (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole intel96 (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole intel96 (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole kgp (Oct 12)
- RE: Notes from CISSP class with Dr. Eric Cole Mark Roxberry (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole intel96 (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Nov 02)