Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Certification in Web application security

from [Steve Armstrong] Network Security [Permanent Link]
Subject: RE: Certification in Web application security
Date: Fri, 22 Feb 2008 16:40:23 -0000 
Whiehat,

I am sure GWAS has not gone, as I only finished the exam 4 hours ago!  

However, the exam/certification is for the 2 day Web Application
Security Workshop SEC-519.  
The STAR certificate is for course SEC-419, so it is the same subject
but less detailed.  Level 5xx are more challenging than level 4xx ones.

As far as I can see the course still runs (next one:
http://www.sans.org/link.php?id=790&mid=1032&portal=ec27e8472abb638477e0
9688196db607).

Personally, I don't rate CEH or CISSP for its Web App testing and would
not consider a holder as having any proven skills in web app hacking -
both are too general and broad to cover in detail all the various parts
of web app testing.  (I say this with personal experience as I do hold
both).

If you don't want to do the SANS courses then try some other vendors for
country specific courses - I don't know where you live so I cannot give
you any examples, but BlackHat so some cool training courses - usually
by the likes of Foundstone or Sensepost these are highly rated and
respected as they are real hands on rather than powerpoint based
courses.

HTH


Steve A

---------

Insert list of certificates and certifications here
Insert witty line about Linux and windows here


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of whitehat
Sent: 21 February 2008 15:31
To: pen-test@securityfocus.com
Subject: Certification in Web application security

Hi List,


I would like to do a Certification in Web Application Security.
As I wanted to do GWAS before but it is no more as GWAS now and STAR 
instead.
I'm in confusion now, so which certification you would like to suggest
me.

Cheers,

Whiehat.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Split Kismet log file, Matheus Michels
Next by Date:  Re: maltego yahoo api key, Robin Wood
Previous by Thread:  Re: Certification in Web application security, Jarrod Frates
Next by Thread:  Re: Certification in Web application security, Yousif
Indexes:  [Date] [Thread] [Top] [All Lists]