Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Penetration tester or Ethical hacker future?

from [jenna] Network Security [Permanent Link]
Subject: Re: Penetration tester or Ethical hacker future?
Date: Fri, 31 Aug 2007 12:52:45 +0000 (GMT) 
The other suggestion I would make would be to diversify.  I mainly write 
policies & procedures, review them (internal audits are now called reviews...) 
and make improvements but I still have to understand the pen test results, 
approve changes to the infrastructure, suggest, implement and follow up changes 
to processes.  I might not be particularly good at vulnerabitly scanning but I 
make sure I can still do it.  We are fortunate to be in security where there 
are so many different channels so read info sec papers and be ready for the 
next big thing.  I have CDs on my desk which guarantee ISO: 27001 
certification; implement a SAM solution; manage risks, etc.  We are a part of 
MIS, IT, IS or whatever it's going to be called next - the name changes, the 
structure changes.  What's new and exciting today will be automated tomorrow, 
be prepared.

Jenna


----- Original Message ----
From: "shyaam@gmail.com" <shyaam@gmail.com>
To: pen-test@securityfocus.com
Sent: Thursday, 30 August, 2007 10:50:41 PM
Subject: Re: Penetration tester or Ethical hacker future?


I am not experienced at all, but I did understand the "overall" of any market. 

Human beings freak out if they will loose the jobs due to automation and 
scientific inventions. There are tons of people who becomes unemployed everyone 
and there are tons of them who gets hired somewhere else the next day. So, it 
is always a fluctuating market. Secondly, automation is not only to make life 
easier but on a business outcome, the main motive of a businessman is to finish 
a given task as quick as possible in the most efficient manner using leadership 
and management competencies as skills and doing things in an optimal fashion so 
as to complete the task and give the clients what has been promised to them 
over a RFQ or in many other ways.

Ever since the invention of lamps, people who were lighting up the street 
lights might have worried if they will have a job due to the one switch of a 
button. Ever since the invention of motor vehicles, people who were pulling 
carts and giving horse rides might have worried if their market might go down, 
which is ofcourse true. But then if the guy who knows how to lit the lamps, 
learns how to turn on the switches and drive the electricity to the required 
regions(called electrician) and the person who knows how to ride a cart with 
his horses knows how to turn the steering, he becomes a taxi cab driver. 

GIST: Foundations always remain the same. Knowing tools and latest skills will 
help survive, but in this field of Information Security, people generally tend 
to do latest stuff and expect so much in return. The thing is, they do get 
returns from the field, but many people donot give back anything to the field. 

Try always getting stronger in the foundational skills, know how the tools and 
pentesting kits are being made and try creating your own kits(that is not 
reinventing the wheel), or try extending the existing stuff. Then try to see 
why many existing systems and softwares are vulnerable, again more than tools 
use your foundational skills as they never change. Then try doing something for 
the field that gave you your job, money and what not. 

"When people pay so much to secure their stuff, then we better make sure that 
they are secured"-Dan Kaminsky(or may be someone else quoted before him), but 
anyways, try to do something for the "Security" community that helps the 
community as well as your learning skills while doing stuff. In these ways, you 
need not worry that your job will be gone whether it is automation or any other 
stuff. You will be known and you will know your stuff. 

Cheers!!!
Shyaam

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


      ________________________________________________________
Nervous about who has your email address? Yahoo! Mail can help you win the war 
against spam.
http://uk.docs.yahoo.com/mail/addressguard2.html

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Pen test of IP stack, Jerome Athias
Next by Date:  Pentest Web Services, wavefront1
Previous by Thread:  Re: Penetration tester or Ethical hacker future?, shyaam
Next by Thread:  Block OS Detection, Attari Attari
Indexes:  [Date] [Thread] [Top] [All Lists]