Thursday, February 21, 2008

Certification for Web Application Security Professional

Web Application Security Consortium and SANS has partnered together to define, train, test and certify the individuals. WASC is a leading web application security organization and SANS is a leader in training and certification. Together they have the subject matter expertise and process expertise to make this a huge success.

Why do we need this certification?

As more and more software is moving to a Web-based delivery model modern applications are becoming increasingly sophisticated and vital to business. With online business, come a number of new security risks that are exacerbated by immature Web application security programs.

With 9 out of 10 websites having vulnerabilities, the security state of the Web is dire. Due to lack of options many people are being hired into the web application security field to take up positions without a solid understanding of the attack techniques and defense strategies to match. Often newcomers are confused by the complexities involved and desire something that’ll help them think like a hacker, identify their tactics, and thwart their attacks.
The certification will assist future web application security professionals entering the field to get a strong grasp of the requirements and get up to speed with the in-depth knowledge of web application security.

What is this certification about?

This certification enables web application security professionals to showcase their skills to potential employers, customers or vendors. And for employers this certification will assist them in evaluating the qualifications of respective candidates. Those certified are required to possess quality baseline set of skills to be considered web application security professionals.

We are doing a survey of the topics to be covered in the certification. If you have experience in the web application security industry, please spare few minutes to take part in this survey.