Application Security Experience

Chassidic1 · October 2013

B"H

From people who passed CISSP without a background in programming or web development; did you feel like it was sufficient to know the application layer security concepts mentioned in CISSP books without too much external study? I wonder: is it worthwhile to maybe "get into" some lighter programming language like python or something web related to better relate to the security topics in this domain? I don't yet have much background in coding...

Thanks,
Dovid

broli720 · October 2013

It was more than sufficient. I've took a few Java classes as a freshman in college and know a little python but by no means would I consider myself an expert. The book I read (Eric Conrad's) really only focused on core concepts of application security so you should be ok.

cyberguypr · October 2013

Absolutely overkill onless you really want to learn programming for other reasons. Keep in mind that the cert is oriented at management. Those peeps will not bother to learn any programming languages. I despise programming and wouldn't touch it with a 10 foot pole. Did fine on the test.

redz · October 2013

Cyber is right, like, 99% of the time. Here are two examples:

cyberguypr wrote: »

Absolutely overkill

cyberguypr wrote: »

despise programming

Take his advice. If you decide not to listen to Cyber, then take my advice:

Learning programming for the CISSP is like learning chess to prepare for a swim meet.

Chassidic1 · October 2013

B"H

Thanks guys - much appreciated. I just spent what felt like an hour this morning looking at "Web Goat". I figured maybe to better understand the application layer attacks I could try them out on that Web Goat...

Best Regards,
Dovid

samurai86 · October 2013

Ya I think the books cover more than enough.

Application Security Experience

Comments