To avoid having to answer redundant questions about security certifications, I made a mindmap of the technical security certifications and their associated areas (forensics, pentesting, etc). It is a work in progress so I do know there are a few certifications missing. When you receive this (I'm sending it to many) if you want to, kindly send me feedback or correct me, it is much appreciated. NOTE: Its a "TECHNICAL" roadmap, so please don't fire off "CISSP!, CISM!..." However, any other certs along the technical realms are fair game to add to the list. Figured, many have likely had to answer these same questions: "which route do/should I go ... whats next?" when it comes to security and certifications. I also added some vendor and other organizations I felt would help individuals in certain areas, e.g., WCNA (Wireshark Univ) to me is a must for anyone doing network forensics/incident response. http://www.infiltrated.net/TechnicalSecurityRoadmap.html <http://www.linkedin.com/redirect?url=http%3A%2F%2Fwww%2Einfiltrated%2Enet%2FTechnicalSecurityRoadmap%2Ehtml&urlhash=jRak&_t=mbox_mebc> -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF