CISSP - The Certified Information Systems Security Professional
The CISSP is known as the "gold standard" of security certifications. It is governed by the International Information Systems Security Certification Consortium or (ISC)2. The CISSP is a baseline certification recognized by the Department of Defense and the National Security Agency.
ISSAP - Information Systems Security Architecture Professional - a CISSP certification with a concentration in information systems security architecture.
ISSEP - Information Systems Security Engineering Professional- a CISSP certification with a concentration in information systems security engineering.
ISSMP - Information Systems Security Management Professional - a CISSP certification with a concentration in information systems security management.
CISM - Certified Information Security Manager
The CISM is a globally recognized Information Security Manager designation, offered by the ISACA organization. The CISM certification program is developed specifically for experienced information security managers and those who have information security management responsibilities. The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise's information security (IS). The CISM certification promotes international practices and provides executive management with assurance that those earning the designation have the required experience and knowledge to provide effective security management and consulting services. The CISM job practice also defines a global job description for the information security manager and a method to measure existing staff or compare prospective new hires.
CSSLP - Certified Secure Software Lifecycle Professional
The CSSLP is the newest certification available from the (ISC)2. It is the only certification of its kind - ensuring that security is considered throughout the entire software lifecycle. It's comprised of seven Domains created around the specific need for building security in the software lifecycle. The seven domains covered include:
Secure Software Concepts - security implications in software development
Secure Software Requirements - capturing security requirements in the requirements gathering phase
Secure Software Design - translating security requirements into application design elements
Secure Software Implementation/Coding - testing for security functionality and resiliency to attack, and developing secure code and exploit mitigation
Secure Software Testing - testing for security functionality and resiliency to attack
Software Acceptance - security implication in the software acceptance phase
Software Deployment, Operations, Maintenance and Disposal - security issues around steady state operations and management of software
SSCP - Systems Security Certified Practitioner
The SSCP or Systems Security Certified Practitioner is a mid level certification that is available through the (ISC)2. The SSCP is meant for professonals such as Senior Network Security Engineers, Senior Security Systems Analysts or Senior Security Administrators. The certification is for those information security professionals with a focus on implementations.
No comments:
Post a Comment