Security Certifications

Wapp

What Certs do you have? Which ones do you find help you the most in the security field?

 

Zugzwang152

The holy grail of security certifications remains the CISSP. It is very broad knowledge, but not very in-depth. It is the most well known security certification, and therefore a lot of employers will ask for it.

I am a big proponent of SANS training and their GIAC certifications. These represent in-depth detailed training and certification on a very wide variety of topics. Examples include incident handling, intrusion detection, and reverse engineering malware. As far as I'm concerned, this is the best training you can get right now. The GIAC certs are not as well known as CISSP, but their top certification GSE is extremely hard to get. Only 10 people have obtained the credential since its inception in 2003.

There are a number of other popular, more entry-level certifications, such as CompTIA's Security+.

ISACA gives out the CISA and CISM certifications.

I've also heard about CEH, but don't know how good this program is.


I hold the entry-level GSEC right now. I plan to work on CISA and possibly something from Microsoft before attempting CISSP when I have enough work experience.
 

bsobel

Originally posted by: Wapp
What Certs do you have? Which ones do you find help you the most in the security field?

Hiring-wise we definitely look for CISSPs...


 

SecPro

Originally posted by: Wapp
What Certs do you have? Which ones do you find help you the most in the security field?

Certs are always a hot topic. Which are good? Which ones are watered down? Which are relevant to what?

I agree with Z152. The SANS certs are pretty damn good and focused enough to make them valuable.

The CISSP (which I have) is still a pretty good cert although I think it is losing some of its luster. The important thing to remember about the CISSP cert is that it is a MANAGEMENT cert., not a technical cert. I see a lot of non-manager job postings (security engineer, security analyst, etc.) that are asking for a CISSP. That just tells me they have no idea what a CISSP cert means, they're just looking for a cert.
 

Zugzwang152

Originally posted by: SecPro
Certs are always a hot topic. Which are good? Which ones are watered down? Which are relevant to what?

I agree with Z152. The SANS certs are pretty damn good and focused enough to make them valuable.

The CISSP (which I have) is still a pretty good cert although I think it is losing some of its luster. The important thing to remember about the CISSP cert is that it is a MANAGEMENT cert., not a technical cert. I see a lot of non-manager job postings (security engineer, security analyst, etc.) that are asking for a CISSP. That just tells me they have no idea what a CISSP cert means, they're just looking for a cert.

It's becoming something akin to MCSA/MCSE for Windows administration. It's something you just have to have to advance your career beyond a certain point.

Recently, the ISC2 folks have increased the work experience requirement from four to five years. The number of years of exemptions stayed the same, so essentially they've raised the experience requirement from 2 to 3 years relevant experience (since few will attempt this certification without a bachelor's degree and another "lesser" cert, like Sec+ or GSEC). This sucks for me.
 

Wapp

Originally posted by: Zugzwang152
It's becoming something akin to MCSA/MCSE for Windows administration. It's something you just have to have to advance your career beyond a certain point.

This is true for my case. I was just transferred to a Security Engineer position and one stipulation was that I complete the CISSP.

Also, as far as the GIAC certs go, does the fact that they are non-proctored/open book cheapen them? I know the DD 8750 employees are required to be proctored to count but they are still open book.
 

elcamino74ss

I've had my CISSP for over three years and I'm one of the ones that has it with no degree and the 4-5 years experience.
 

Zugzwang152

Originally posted by: Wapp
This is true for my case. I was just transferred to a Security Engineer position and one stipulation was that I complete the CISSP.

Also, as far as the GIAC certs go, does the fact that they are non-proctored/open book cheapen them? I know the DD 8750 employees are required to be proctored to count but they are still open book.

Proctored vs. unproctored is basically a way to make sure no one is helping you by telling you answers. Even in the proctored version you're given a computer with Internet access to Google for answers should you feel inclined to. However, the test is structured so you cannot complete it in time by web searching or looking up in the textbooks every single answer. You have to know a good portion of the material.

I'd actually like to see them reduce the time limit from 3 to 2 hours for the Silver-level tests. That would be quite a challenge. I finished the first GSEC exam in about an hour, but the second one took me almost 2 hours, as I was very weak in the UNIX Security section.