Re: GIAC Dilution

Andy Cuff [Talisker] sighed and wrote::
> Good Evening,
>
> <rant>
> Am I alone in thinking that SANS have greatly reduced the value of a GIAC
> certification?  For those that are not aware SANS no longer require the
> submission of a paper in order to pass but merely an exam.  They claim that
> too many people were unable to complete GIAC certification due to the hard
...<deletia>

I do agree with you in part that it might just 'dilute' the
GIAC reputation; but, on the other hand, if I read correctly,
if you take the Exam Only, you get some 'Exam-only' stated
Certification.  As far as I can see, this will still be
different from the said 'original' certification.  I am
sure SANS will clearly be able to include a notification of
some sort on the certificate stating that so-and-so has
completed the EXAM-ONLY certification process.   So any
would-be employer (security or otherwise) will then be able
to differentiate the two certificates and then make the
judgement then.

While (speculation here) EXAM-ONLY (E-O) certifications
may increase the # of 'security' professionals, you have
to realize that the exam process can also be made a lot
harder.   And from the last time I checked their page
(a couple of months ago), the # of ethics violations had
increased.

No, I'm not a 'qualified' security professional, as most of
the security knowledge I've gained were mostly from the web
and a bit of reading.  Quite a few factors prevent me from
actually attending SANS certificate courses, otherwise,
it would be nice to be GIAC certified (E-O or not).

Good luck in your tests.

Edmund