Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

  • MisuseCase@infosec.pub
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Hi CISSPs and other folks with cyber-focused certifications! Did you know that you can often fulfill your CPE or other continuing education retirements by listening to podcasts? Well, now you know! Here’s my secret to keeping up with those CPEs - the Security Now! podcast with Steve Gibson and Leo Laporte.

    You can also find summaries and transcripts of past episodes on Gibson’s website, which is refreshingly old-school and script-free.

  • 🦄🦄🦄@feddit.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Hey people Software dev here with 7+ years of experience, tech stack is mostly Java/Typescript/Angular/Node. I’m kinda sick of the day-to-day business of solving bugs and the occasional new feature and would like to dive into the cybersecurity industry. Was hoping my experience is somewhat useful for that.

    Do you know the place to start for someone who would like to switch careers like that?

    • shellsharks@infosec.pubOPM
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Ex-devs generally gravitate towards “DevSecOps”/Cloud/AppSec roles. There is a need in the infosec industry to have competent developers so if you have that skillset you need only to pick up some cyber know-how. Portswigger has their web security academy and there is OWASP which provides a ton of great resources. Start getting into those things and put them on your resume and you should start to have a path into infosec.

  • himazawa@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Playing around with the SecureFlag platform, pretty interesting IMHO. Also want to start a new language to stick with, I am pretty undecided between Zig (but is not memory safe by design) elixir (functional programming still isn’t my thing) and nim (can’t handle any more language with indentation-based codeblocks).

    Any suggestion is welcome, I will use them to build mostly security tools.

    • highspire@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Just noticed Zig with the 2023 StackOverflow survey. Stood out as a language people seemed to be happy with, and paid a lot. I tried elixir for a day and, like you, it wasn’t my thing. For what it’s worth (less than the cost of the electricity used in the process of posting my comment), I say maybe try Zig

  • vpz@infosec.pub
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Starting Offensive Security EXP-301 Windows User Mode Exploit Development next week. Binary exploitation isn’t needed much in my work, but need it for OSCE3. After this I hope to be able to stick to normal training courses built for working professionals - instead of second job for many months plus grueling 72 hour exam + reporting courses. “Just one more and then I’ll quit”. Lol.