NetSpi Technical

AUGUST 16, 2024

GCPwn’s ease of use cannot be understated: it’s perfect for both someone new to cloud security and pentesting but also powerful enough to help even seasoned cloud pentesters quickly conduct high-value penetration tests. Don’t be afraid of sending large (4gig +) payloads for clear/white/open box testing.

Social Engineering 51

Social Engineering Penetration Testing Engineering Ransomware 51

ForAllSecure

APRIL 7, 2021

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. There's a serious shortage of InfoSec professionals. For many, though, that isn’t true. It appears that skills alone aren't enough to get everybody through the door.

Hacking 40

Hacking InfoSec Cybersecurity Engineering 40

ForAllSecure

APRIL 7, 2021

You’d think that having an amazing resume, a couple of bug bounties, or a CTF win would land you that dream infosec job. There's a serious shortage of InfoSec professionals. For many, though, that isn’t true. It appears that skills alone aren't enough to get everybody through the door.

Hacking 40

Hacking InfoSec Cybersecurity Engineering 40

eSecurity Planet

DECEMBER 3, 2021

His 1994 book detailing cryptographic algorithms ( Applied Cryptography ) was just the beginning of his contributions to technical perspectives on system design, cybersecurity, privacy, and more. How to screen for natural infosec talent: Ask for a worst case scenario for any common situation. Bruce Schneier | @schneierblog.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

CyberSecurity Insiders

JULY 7, 2021

Yet, although I didn't need another one, I looked at it just as we were getting ready to do a big penetration test of the US House of Representatives’ network. First, I bought study books, and I just read them cover to cover. I did not need another credential because I already had at least six others. I did two things.

Financial Services 40

Financial Services Cybersecurity Technology Government 40

ForAllSecure

FEBRUARY 8, 2023

So basically, we deliver custom penetration tests. And that's just because it's not in the books VAMOSI: True. A lot of infosec’s knowledge is either tribal -- passed on from one person to another - or can be found in books. We do forensics incident response, but also in general cybersecurity consulting.

Software 40

Software Phishing Passwords Malware 40

ForAllSecure

APRIL 26, 2022

Kim Zetter’s book, Countdown to Zero Day, is perhaps the definitive book on the subject. We get the InfoSec people that were on enterprise systems, we get them that come because they want to learn more about security. Historically with InfoSec it's been Hey, the sky is falling. Test, do that, you know, Purple team.

Hacking 52

Hacking Energy and Utilities Manufacturing Firmware 52

ForAllSecure

APRIL 12, 2022

Should infosec now be considered vocational training just like becoming an electrician or a plumber? How else should we address the skills gap in infosec? My boss at the time didn't know much about infosec. She died a few years ago, but I believe the book continues with other authors. I was a paid writer--whoo, whoo.

Cybersecurity 52

Cybersecurity InfoSec Technology Marketing 52

ForAllSecure

JANUARY 11, 2023

No, I simply bought Shon Harris’s massive book CISSP- All-in-One Exam Guide -- and read through it -- not one, twice. Then I took the test and hoped for the best. I joined a Discord server called InfoSec prep. So originally, it was sold as sort of an entry level penetration testing exam. I’m waiting.

DNS 40

DNS Hacking Penetration Testing Education 40