Hi Jason, jkinne...@yahoo.ca wrote on Tue, Aug 16, 2022 at 12:04:20AM +0000:
> As long as learning C came up, does anyone from the OpenBSD community > have an opinion on whether this training for writing secure C would be > worthwhile for someone with mid-level skills? > https://www.sei.cmu.edu/education-outreach/courses/course.cfm?courseCode=V35 This isn't perfectly on topic, but i doubt you will find overwhelming enthusiam for the purchase of a "professional certificate" on an OpenBSD list. I know several people inside OpenBSD and a number outside whom i would trust to be able to code to good security standards, but if somebody presented me with a certificate, that would more likely inspire significant doubt than any kind of confidence in me, no matter how reputable the organization issuing the certificate... Apart from that, the media and methods that help people to learn differ from person to person, but regarding the topics of this particular course, it looks like you get about the same range of topics, and maybe even more, in any case for significantly less money, from buying Dowd/McDonald/Schuh, "The Art of Software Security Assessment" and studying that, and then applying it to a real code base. Of course, you will need *lots* of practical experience in addition, which you can neither get from taking a course nor from reading a book, but only from practical work. Mid-level is a rather fuzzy term, but some might say these topics are good to get acquainted with even for beginners, and yet a mid-level programmer seems unlikely to master them. Yours, Ingo
