Well, any logically thinking IT pro (that’s all of us, right?) will tell you that certifications aren’t really all that. Sure, they prove that the person knows how to study, knows how to memorize a few concepts, and has good test-taking skills. I’m not saying that software and security-centric certifications such as CISSP, PMP, and the new Certified Security Software Lifecycle Professional (CSSLP) aren’t difficult to pass. I am saying, however, that simply passing a certification exam doesn’t necessarily prove what the person really knows and can execute in real-world scenarios. It especially doesn’t prove what type of employee the person is going to be.