Avatar

vpz

vpz@infosec.pub
Joined
1 posts • 16 comments
Direct message
Filter:
OverviewPostsComments
Sort:
NewOldTopAll
Avatar
vpz@infosec.pub
2 points
in cybersecurity@infosec.pubMentorship Monday - Discussions for career and learning!

I’m looking into Azure penetration testing training. Specifically Azure. I found NetSPI has an offering called Dark Side Ops: Azure Cloud Pentesting. Anyone have experience with this course or NetSPI training in general?

permalink
report
reply
Avatar
vpz@infosec.pub
3 points
in cybersecurity@infosec.pubMentorship Monday - Discussions for career and learning!

Not a question but I’d like to provide some career guidance. If you’re interested in a career in penetration testing, please, please put some time in your training plan for technical writing. So many folks think the job is all hacking, but it’s really about a third project planning with meetings and such, a third hacking and a third writing. Writing rules of engagement, test plans, reports, presentations on results, etc. So business and writing is just as important as the technical stuff. A well rounded applicant will have better luck finding a role.

Thanks for listening to my Ted talk.

permalink
report
reply
Avatar
vpz@infosec.pub
1 point
in cybersecurity@infosec.pubMentorship Monday - Discussions for career and learning!

My personal opinion is that technical cybersecurity roles are not great straight-out-of-school jobs. Technical cyber roles can expect a candidate to already have experience with networking, system administration, some coding, technical writing, and presentation skills.

So starting with other IT roles like help desk, system administration and networking, etc. can help build knowledge.

permalink
report
parent
reply
Avatar
vpz@infosec.pub
1 point
in cybersecurity@infosec.pubWhat are You Working on Wednesday (Special Thursday edition)

Pentesting skills are built upon skills in Linux and Windows system administration from the command line, networking, some coding usually in Python, knowledge of web applications and web servers, and more. When starting out it can feel bad because you want to learn out pentesting topic X, but then you figure out that you need to go learn at least the basics of fundamental topic A and B first. It’s normal so don’t worry about. Just dig in and enjoy the knowledge journey.

permalink
report
parent
reply
Avatar
vpz@infosec.pub
1 point
in cybersecurity@infosec.pubAsset and Vulnerability Scanning

I’ve used Tenable Nessus Professional, and Tenable Security Center and both work well in their categories. Nessus Professional is a portable Nessus scanner a security person can take with them to do adhoc scans. Security Center (aka Tenable.sc) is a vulnerability management solution for an enterprise.

Their competition is Rapid7 and Qualys, but I can’t speak to those myself.

permalink
report
reply
Avatar
vpz@infosec.pub
5 points
in ergomechkeyboards@lemmy.worldLong term ergo-mech keyboards reviews

I’ve been using my keyboard, Toast, for two years. I use it with a modified Miryoku layout with Colemak DH. It’s for work, travel and at home.

I open-sourced Toast too

https://github.com/vpzed/keyboards/tree/main/toast

I also built half an MX-switch Helix to have a fully programmable gaming keypad for home.

permalink
report
reply
Previous pageNext page