[Dshield] On Certs

Johannes Ullrich jullrich at euclidian.com
Tue Oct 7 21:42:24 GMT 2008

Let me reply to a couple of the posts here:

First, regarding the GSE. The GSE is a special case. There are only a dozen
or so of them, which of course makes it hard to ask HR to ask for a GSE.
Getting your GSE is a bit like climbing Mount Everest: You do it for the
journey. In my opinion, GIAC Gold is a bit similar. You do it because you
like the challenge and in the GIAC Gold case. because you like to share what
you learned.

Next about hiring. A solid interview process is key to hiring. However, if
you (as Brenden mentioned earlier) have your applicants grilled for 2-3
hours by 5 other programmers, then you can't afford to do that to more then
3-5 candidates. Certifications in conjunction with experience can be used as
a pre-selector.

To a hiring manager, a certification doesn't guaranty success, but it
increases the chances. Now as a special case, consider consultants. If you
hire a consultant, you typically do so because you don't have the particular
skill in house. It can be very hard to interview a consultant and I find
that in these cases, certifications can be a very important sales tool.
