Not all certifications are equal. As the author states, SANS is a crediable group. Here are some items which set SANS as a leader.
1) Use input of security leaders such Marty Rosech (Snort), Richard Stevens (IP the protocols book (before he died)), the creator of Tripwire (can't remember his name) and others.
2) To earn a certification, you must complete a practical which is posted online for anyone to read. This practical be not be everything, but it demonstrates the ability of the canidate to communicate and report on specific security topics. Check out the practicals here: http://www.giac.org/cert.php
3) If you have been to a SANS conference, you know that the staff all have experience with network security for DoD, Navy, and other high security positions.

It would be helpful if the author could separate the bad certs from the good.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/118/16911#16911