[prev in list] [next in list] [prev in thread] [next in thread]
List: websecurity
Subject: RE: [WEB SECURITY] market for training CISSPs how to code
From: "JOSEPH D'COSTA /MOFFT/INFOTECH/VASHI"
Date: 2010-03-25 4:58:57
Message-ID: 746AF506B4ADD643896EA29DCF53957481A0F116 () MUMVSHEXMB01 ! infotech ! com
[Download RAW message or body]
_________________________________________________________________________________________
I agree with Eugene, since Applications are vulnerable, we need to see that Best \
practices are implemented. Guess, you wouldn't need much convincing to have a CISSP \
having coding knowledge to give some training.
Regards,
__________________________________________________________________________________________
Joseph D'costa, Manager - IT Services (ADMS & Enterprise Applications) , 3i Infotech \
| www.3i-infotech.com \
__________________________________________________________________________________________
________________________________________
From: Eugene Kuznetsov [kuznetso@gmail.com]
Sent: Wednesday, March 24, 2010 8:47 PM
To: Niranjan Patil
Cc: websecurity@webappsec.org; neza0x@gmail.com; Matt Parsons; \
OWASPDallas@utdallas.edu; SC-L@securecoding.org; Ziots, Edward
Subject: Re: [WEB SECURITY] market for training CISSPs how to code
While being a security professional and writing secure code are
definitely different specialties, one finds it difficult to see how
someone can assess risks of software vulnerabilities without having been
a coder in the past, or at least having had enough training in writing
software to be able to read and comprehend source code.
On Tue, 2010-03-23 at 09:46 +0530, Niranjan Patil wrote:
> Agree with others; application security is one of the CBK/ among many
> other areas of security. More often we have been seen (or portrayed
> ourselves?) as a generalists than specialists in security. One can
> just have holistic and architectural view of enterprise security
> and/or be a specialist. For me, I have been more comfortable in
> network security all these years that in any other area.
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
---
This e-mail message may contain confidential, proprietary or legally privileged \
information. It should not be used by anyone who is not the original intended \
recipient.If you have erroneously received this message, please delete it immediately \
and notify the sender. The recipient acknowledges that 3i Infotech or its \
subsidiaries and associated companies, (collectively "3i Infotech"), are unable to \
exercise control or ensure or guarantee the integrity of/over the contents of the \
information contained in e-mail transmissions and further acknowledges that any views \
expressed in this message are those of the individual sender and no binding nature of \
the message shall be implied or assumed unless the sender does so expressly with due \
authority of 3i Infotech. Before opening any attachments please check them for \
viruses and defects.
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic