How to pursue a career in application security

How to pursue a career in application security

I was working on designing and implementing application security for the past year, most of the time based on Kerberos Authentication protocol. I am no longer on the project, and I want to continue in security domain. What steps should I take to be in the application security domain and which is the best area to become an expert? Also, can you please tell me is there any certifications available for better understanding and pay?

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

Aside from developer certifications that include coverage of security topics and passing coverage in general security certifications like CISSP, Security+ and so forth (which means usually only one knowledge domain out of 7 or more such domains relates to your primary area of interest), I'm not aware of any security certifications that aim specifically at developers.

At present, this kind of knowledge is probably easiest to gain by pursuing a master's degree with a specific focus on that topic. At the same time, I would suggest that you consider obtaining Security+, CISSP and perhaps some vendor security certifications like those from Cisco, CheckPoint, RSA, IBM and so forth, to give you a market perspective on what security looks like from a more standard point of view.

Good luck in your pursuit of this entirely laudable subject matter.

For more information on this topic, visit these other SearchSecurity.com resources:
Careers and Certification Tip: The vendor-neutral security certification landscape
Careers and Certification Tip: Survey of vendor-specific security certs
Ask the Expert: Best graduate schools for network security


This was first published in January 2003