From: Michael Hammer (dotzero@gmail.com)
Date: Wed Jun 22 2005 - 10:11:50 EDT
You might want to take a look at the training (and certification)
offered by SEI/CERT. I've only taken one course with them but was
impressed enough that I am going for their certification program (next
class coming up).
http://www.cert.org/certification/
The positives are:
1) Combination of labs and lectures (certification exam is both hands
on and written);
2) Emphasizes methodology (SEI also offers great classes on software
engineering for survivability)
3) The instructors (at least all the ones I have met) are DOD or
retired DOD and know their stuff.
4) Caliber of the other class attendees was extremely high.
The negatives are:
1) The classes are not cheap and when you total the number of classes
required to get certified, this is one of the more expensive
certifications around (on the other hand I would consider it one of
the more meaningful certifications areound)
2) If you are only focusing on pen-testing then this might be
overkill. The certification is intended to cover handling incident
response (but isn't this the other side of the coin so to speak)
3) The courses are not scheduled frequently enough to get the
certification quickly.
4) Classes are only offered in Pittsburgh or the DC area.
5) If you don't already have a certain level of proficiency in the
computer security arena you might have difficulty keeping up in the
class. The expectation is that you will have 2 years of experience
going into this.
Mike
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:28 EDT