Search
-
An oped on the issues of CISSP
CISSP certification: Are multiple choice tests the best way to hire infosec pros? | Ars TechnicaI'm not in security but I agree with it, especially if CISSP has questions like the pic in the article.I still may pursue CISSP since it's gold on a resume. It appears to give sufficient knowledge for management which is my… -
Re: An oped on the issues of CISSP
-
Re: An oped on the issues of CISSP
The CISSP seems borderline irrelevant for that engineering position, and I'm not surprised candidates holding the CISSP couldn't answer those technical questions. It could be open book and you couldn't answer those questions, that's not what the CISSP teaches, and 5 years of "actual" security experience doesn't necessarily… -
Re: An oped on the issues of CISSP
Your point might be valid if it was used in hiring as you describe, but unfortunately it isn't. It only takes a few minutes of perusing jobs to see that there are plenty of companies who require CISSP for any security position whatsoever. It is not uncommon to see jobs requesting two years of experience, but a CISSP is… -
Re: An oped on the issues of CISSP
But who is using CISSP as their sole selection criteria? Given that CISSP implicitly means that the candidate has 5 years of experience, I'm sure that whoever is hiring would be interested in that as well. The article as a whole is rather unsatisfactory. CISSP isn't meant to be proof of specific technical competence or the… -
Re: An oped on the issues of CISSP
Daniel is correct. The article is not technically incorrect - the CISSP is often misused as a measure of technical expertise - but ultimately misses the point. No one seeking to hire a pen tester should put much weight behind the CISSP, the CEH, or any other knowledge-based exam. Skills demonstration such as the OSCP or… -
Re: An oped on the issues of CISSP
-
Re: An oped on the issues of CISSP
That is correct. Every person actually bases their views on their experience, among other things. But on top of that I supply arguments why it is how it is and claim that it is applicable to this industry as a whole. And this is kind of disturbing, again. CISSP CBK is vendor-neutral and therefore it is okay not to teach… -
Re: An oped on the issues of CISSP
I'd agree with gespenstern. You say you are not hiring CISSP's but you used the cert as probably something nice to have, preferred or required, in addition you compared the person with CISSP vs the one without and at the end you hired the one without because of the technical knowledge. Then again you compare the many CISSP… -
Re: An oped on the issues of CISSP
The Ptacek guy is a former appsec pentester (at least he claims that he is) and now he's a recruiter. He has a long history of sh!tting on CISSP from a pentester viewpoint, thus OSCP instead of CISSP. Nowadays he seems to be pretty busy tweeting tens of tweets a day on political issues, such as demands to disarm majority…
26 results