Which Security Cert?
Tesl
Member Posts: 87 ■■■□□□□□□□
Hey Guys,
I'm trying to pick a Security cert to start working on. I actually think my practical skills with InfoSec are pretty good overall, but I want to find something to compliment it. Here's what I'm thinking right now:
Security+ looks a bit too simple, and that I'm wasting my time a bit. I reckon I could have that passed in a few weeks if required - may be helpful, but not a real long term target.
CISSP - Possibly too management orientated and not quite as technical as I'd like. Also I don't have the experience to actually qualify to be a CISSP (Though I'm still tempted to study it anyway)
CCSP - Can't really afford the equipment, and I'm not sure I want to narrow on Cisco so much.
What are the others that are good? I want something which is fairly cheap to do (ie, don't need to take an expensive course, and there is sufficient reading material available to pass) but contains lots of practical knowledge. Or at least, as practical as possible.
I love security and have spent quite some time reverse engineering software (legally, for study) and am quite capable of coding exploits (buffer overflows, format strings, heap based overflows etc). Legally of course.
Right now I'm not looking to get Security certs to move into a Security position, though I do partially have my eyes on turning myself into an overpaid Security consultant in the future. So I want to hone my skills whilst picking up a valuable, respected, difficult certification whilst being able to learn plenty in the process. Without bankrupting myself
A lot of the ethical hacker stuff looks great, but I'm not sure I could convince my company to send me on those courses (Since I'm a programmer, not an SA)
Is there anything which fits this category right now.....?
I'm trying to pick a Security cert to start working on. I actually think my practical skills with InfoSec are pretty good overall, but I want to find something to compliment it. Here's what I'm thinking right now:
Security+ looks a bit too simple, and that I'm wasting my time a bit. I reckon I could have that passed in a few weeks if required - may be helpful, but not a real long term target.
CISSP - Possibly too management orientated and not quite as technical as I'd like. Also I don't have the experience to actually qualify to be a CISSP (Though I'm still tempted to study it anyway)
CCSP - Can't really afford the equipment, and I'm not sure I want to narrow on Cisco so much.
What are the others that are good? I want something which is fairly cheap to do (ie, don't need to take an expensive course, and there is sufficient reading material available to pass) but contains lots of practical knowledge. Or at least, as practical as possible.
I love security and have spent quite some time reverse engineering software (legally, for study) and am quite capable of coding exploits (buffer overflows, format strings, heap based overflows etc). Legally of course.
Right now I'm not looking to get Security certs to move into a Security position, though I do partially have my eyes on turning myself into an overpaid Security consultant in the future. So I want to hone my skills whilst picking up a valuable, respected, difficult certification whilst being able to learn plenty in the process. Without bankrupting myself
A lot of the ethical hacker stuff looks great, but I'm not sure I could convince my company to send me on those courses (Since I'm a programmer, not an SA)
Is there anything which fits this category right now.....?
Comments
-
snadam Member Posts: 2,234 ■■■■□□□□□□I was going to mention CEH, but looks as though I was beat to it.
However,
couple of my colleagues who are security engineers have obtained and are fond of this cert
GIAC Security Essentials Certification (GSEC)
not to mention there are different levels and categories to choose from.**** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine
:study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security -
sprkymrk Member Posts: 4,884 ■■■□□□□□□□I also agree, one of the GIAC certs might be what you are looking for. They even have software security certs.
http://www.giac.org/certifications/All things are possible, only believe. -
JDMurray Admin Posts: 13,101 AdminThe SSCP is the technically-oriented companion to the more managerial CISSP certification. It's worth a ponder.