I was pretty impressed when I saw this. Apparently there is a new certification program for application security specialists. I know other companies have attempted to move in this direction. Most notably is ISC2 with their CSSLP, with their motto, “I fill the holes in your SLC”. You can see that Dave Aitel supports the CSSLP:
While I respect Dave a lot, I can’t get behind filling holes. So, thankfully the CASS is here to fill that gap for us. I went through the process - thankfully it didn’t take much time. But I think someone who goes through the entire process shows a sincere interest, and that should make employers very happy. So if you’re out of a job and need a quick certification, the Certified Application Security Specialist is the cert for you. Go check it out! Don’t be like Dave Aitel, kids. Seriously, don’t.