Tuesday, July 22, 2008

 

OWASP Preliminary Certification Results

Several folks have pinged me offline in hopes of getting a peak at the results of the OWASP survey. Many folks wanted to understand the answers to such questions as which industry analyst firms best understand the challenges of Web Application Security. I found it somewhat insightful how folks perceive firms such as Redmonk, Gartner, Forrester, Entiva and the Burton Group.

Anyway, below are preliminary results to a few select questions. The full report will be made available at the end of the week...

Page: Introduction
1. Please indicate your gender.
 Response
Percent
Response
Count
Female
7.7%31
Male
92.3%370
 answered question401
 
skipped question
4

2. Please select the category that includes your age.
 Response
Percent
Response
Count
17 or younger 0.0%0
18 to 24
12.8%51
25 to 34
44.8%179
35 to 44
25.0%100
45 to 54
12.5%50
55 to 64
4.0%16
65 or older
1.0%4
 answered question400
 
skipped question
5

Page: Preferences
6. Has not having a particular certification or credential ever hindered your career?
 Response
Percent
Response
Count
Yes
28.2%97
No
58.7%202
Unknown
13.1%45
 answered question344
 
skipped question
61

7. In your opinion, what should be the target failure rate for first-time exam takers?
 Response
Percent
Response
Count
80%
9.0%31
70%
18.3%63
60%
13.3%46
50%
15.1%52
40%
11.6%40
30%
14.8%51
20%
2.3%8
No opinion
15.7%54
 answered question345
 
skipped question
60

8. Do you believe that exams with higher failure rates are more credible?
 Response
Percent
Response
Count
Yes
28.1%97
No
37.7%130
Maybe
25.2%87
Unknown
9.0%31
 answered question345
 
skipped question
60

Page: Marketing
14. In your opinion, do you feel single-brand certifications and/or credentials such as Cisco, Microsoft, Novell, etc. help or hurt the industry?
 Response
Percent
Response
Count
Help
30.1%100
Hurt
21.4%71
Neutral
41.0%136
Undecided
7.5%25
 answered question332
 
skipped question
73

15. In your opinion, do you feel that training providers who teach courses geared towards obtaining OWASP certification should mandate that their instructors are certified?
 Response
Percent
Response
Count
Yes
77.6%257
No
10.3%34
Maybe
9.7%32
Undecided
2.4%8
 answered question331
 
skipped question
74

Page: Test Methods
22. VUE (http://www.vue.com) and Prometric (http://www.prometric.com) both provide computer based testing at existing testing centers throughout the world. While the actual payment to VUE or Prometric to provide an exam varies with volume, at least $75 of an exam's price would go to VUE or Prometric. What do you perceive as the
advantages of having the exam available at a VUE or Thomson testing center? (choose all that apply)
 Response
Percent
Response
Count
It would make the exam available in my geographic area
73.0%216
the exam would be inexpensive
24.0%71
the exam delivery would be secure
35.8%106
It would be easy to register and pay for an exam
60.1%178
I would prefer not to take the exam using VUE or Prometric testing center
12.8%38
 Other (please specify)23
 answered question296
 
skipped question
109

Page: Final
30. Please rate which industry analyst firms best understand the challenge of implementing Web Application Security.
 First PlaceSecond PlaceThird PlaceFourth PlaceFifth PlaceSixth PlaceLast PlaceResponse
Count
Gartner51.2% (44)7.0% (6)10.5% (9)10.5% (9)2.3% (2)2.3% (2)16.3% (14)86
Forrester19.4% (13)44.8% (30)9.0% (6)11.9% (8)4.5% (3)10.4% (7)0.0% (0)67
Burton Group25.9% (15)12.1% (7)27.6% (16)13.8% (8)10.3% (6)3.4% (2)6.9% (4)58
Yankee Group2.4% (1)16.7% (7)19.0% (8)35.7% (15)7.1% (3)11.9% (5)7.1% (3)42
Redmonk13.3% (4)6.7% (2)10.0% (3)10.0% (3)50.0% (15)6.7% (2)3.3% (1)30
The 451 Group6.1% (2)15.2% (5)9.1% (3)6.1% (2)18.2% (6)36.4% (12)9.1% (3)33
Elemental Links0.0% (0)0.0% (0)4.8% (1)9.5% (2)9.5% (2)19.0% (4)57.1% (12)21
ZapThink4.3% (1)21.7% (5)26.1% (6)17.4% (4)4.3% (1)8.7% (2)17.4% (4)23
Nemertes6.7% (1)13.3% (2)13.3% (2)6.7% (1)33.3% (5)6.7% (1)20.0% (3)15
IDC0.0% (0)25.0% (7)21.4% (6)21.4% (6)14.3% (4)14.3% (4)3.6% (1)28
AMR0.0% (0)7.7% (1)23.1% (3)23.1% (3)30.8% (4)7.7% (1)7.7% (1)13
Ovum10.0% (1)10.0% (1)30.0% (3)20.0% (2)10.0% (1)0.0% (0)20.0% (2)10
Enterprise Strategy Group12.5% (3)12.5% (3)16.7% (4)12.5% (3)4.2% (1)25.0% (6)16.7% (4)24
Macehiter Ward-Dutton10.0% (1)20.0% (2)10.0% (1)0.0% (0)10.0% (1)10.0% (1)40.0% (4)10
 Other (please specify)20
 answered question100
 
skipped question
305




Links to this post:

Create a Link



<< Home
| | View blog reactions


This page is powered by Blogger. Isn't yours?