Hi Craig,
look like you misinterpreted most of what I said or somehow, I did not
explain myself enough clearly. So let me rephrase.
"penetration1_googlemail.com" talked about being taken seriously and I
was arguing that certification and studies was not what I use to make an
opinion on competency level among security professional. I never said it
was crap. My own experiences prove certifications/studies were
absolutely not a perfect match with people competency. In your case, the
hole thing (publications, books, certifications, etc) would prove to
anyone you have large and proven competency. Your case is quite
different from the one who only did one or two certs and nothing else
really related to security.
As I said, I found certifications and studies really useful when dealing
with external people. It's not a perfect and/or always fare system but
it do help external people unable to measure themselves security
professional competency (clients, RH, etc). I guess a better system
would have to be free and complex while covering every aspect of
security professional abilities in order to be a really effective
measurement program. But I doubt this could ever be done.
Everything I said was without any pretension and signed has being my own
opinion. Still, for all those reason, my opinion does not change. My
only hope is to make the latest understood correctly.
---
Danny Fullerton
Founder
Mantor Organization
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
