Beware of self-declared Security Reviewer ‘experts’.
To maintaing maintain good our product’s reputation, a Consultancy Firm must have at least 2 Security Reviewer Certified Professionals, one Level 1 and one Level 3, for offering projects, services or training based on Security Reviewer Products. Every consultancy project must have at least 1 Security Reviewer Professional Master, full-time engaged in that project.
...
A company, for becoming Partner, must get one of the following Certifications for at least two technicians, renewed in the last every 2 years:
Certification | Experience Required | Description | Hours |
---|---|---|---|
| 5 years in Secure Coding Projects Belonging to a Firm with 60% of projects dedicated to Application Security | How to do preselling Pre-selling of our products Collecting customer’s needs How to make technical proposals focused on customer’s requirements Compare Security Reviewer suite to other products | 6 hours - 1 Day |
| 5 years in Secure Coding Projects Belonging to a Firm with 60% of projects dedicated to Application Security At least TIOBE Index top 5 Languages in-depth knowledge Proven involvement on documented projects using TIOBE Index top 5 Languages | How to install (in case of on premise and of Jenkins plugin) and configure Security Reviewer suite’s components (basics). The training can be focused on Cloud Reviewer only with or without Jenkins plugin How to optimize usage of our products How to make a Code Review / Audit on an App (basics) How to Participate on Remediation meetings as Auditor How to include our products inside customer’s SDLC (basics) Technically Compare Security Reviewer to other products | 12 hours - 2 Days |
| 3 Years of proven experience over Security Reviewer Products
| How to conduct as Master a Security Reviewer’s based Projects Review App Audits made by Security Reviewer Certified Professional - Level 3 - Support Team (advanced) Mastering Remediation meetings (advanced) How to include our products inside an existing DevOps process (advanced) Customizing reports Customizing XML/JSON/CSV output | 12 hours - 2 Days |
| 5 years in Embedded Projects Belonging to a Firm with 60% of projects dedicated to Application Security 3 year in Linux projects Proven involvement on documented projects using embedded software and firmware | How to install and configure Firmware Reviewer How to optimize usage of our productsthe product How to make a Firmware Audit How to Participate on Remediation meetings as Auditor Technically Compare Firmware Reviewer to other Firmware Analysis products and tools | 12 hours - 2 Days |
...
Certification | Experience Required | Description | Hours |
---|---|---|---|
| 5 years in selling Application Security Projects or Products Belonging to a Firm with 60% of projects dedicated to Application Security | Market Positioning How to do a presentation about our products Managing prePre-sales people How to make budget proposals focused on customer’s requirements Compare Security Reviewer suite to other products How to manage Request For Proposals / Tenders based on Security Reviewer products | 6 hours - 1 Day |
...
Certification | Experience Required | Description | Hours |
---|---|---|---|
| 3 years in Secure Coding Projects Belonging to a Firm with 60% of projects dedicated to Application Security Part of Security Reviewer’s Reseller firm | How to install (in case of on premise and of Jenkins plugin) and configure Security Reviewer suite’s components (basics). The training can be focused on Cloud Reviewer only with or without Jenkins plugin How to make a Code Review / Audit on an App (basics) How to include our products inside customer’s SDLC (basics) How to participate to an Audit together with SRCP Level 3 Support or Master people | 6 hours - 1 Day |
...