[Owasp-cert] Private Note on Security

Christian Wenz chw at hauser-wenz.de
Tue Jul 29 14:29:12 EDT 2008

Some security topics are already part of the exam if I remember the topic list correctly. On a rather low level, though. But I am in favor of dropping the language-specific stuff – you do not need to know all web languages in order to be a web app security professional.





Hmmm. You triggered an interesting thought. What if we were to drop language-specifics and instead figure out also how to encourage Microsoft to ask security questions in their  <http://ASP.NET> ASP.NET Web Developer Exam?

Very interesting note, thanks for sharing. I obviously agree with 1) – see my previous posting. 2) is very interesting, I wasn’t aware of those statistics. That’s definitely something to watch out for. On the other hand I think that web application security and OWASP are more “mainstream” and target a wider audience than CISSP. One of the mail goals of OWASP is that best practices for secure (web) coding and planning should be promoted, which appeals to a lot of people, who in turn are targets for certification. Are there any numbers for more web related certifications, like Microsoft’s  <http://ASP.NET> ASP.NET Web Developer exam, or Zend PHP, or … ? 


Best regards



-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-cert/attachments/20080729/02e0b07f/attachment.html 

More information about the Owasp-cert mailing list