Summary of SANS Webcast: So, You Wanna Be a Pen Tester 3 Paths to Consider

This is an AI generated summary. There may be inaccuracies.
Summarize another video · Purchase summarize.tech Premium

00:00:00 - 01:00:00

The video discusses the different paths that someone can take in order to become a pen tester. It notes that there is a growing demand for pen testers, and that those with the right skills can command a high salary. It advises individuals to focus on skills that will give them the most value to their employer and recommends watching Jason Blanchard's talk, "How to Social Engineer Your Way into a Dream Job."

  • 00:00:00 The author of the video discusses the growth of the pen test industry, and how a shortage of pen testers is impacting the market. He goes on to explain three different paths into penetration testing, and how each can help you develop your skills. The last part of the video is devoted to questions and answers from the audience.
  • 00:05:00 Pen testing is a process of testing security vulnerabilities on systems. Pen testers often experience mental and physical exhaustion from their work.
  • 00:10:00 Volunteering to help with penetration testing can help you become more familiar with the trade, as well as increase your skillset. There are three paths you can take when becoming a pen tester: joining a pen test company, starting your own company, or becoming a penetration tester within an existing company. Derek rook's talk, "Being Offensive in the Workplace," is a good resource for those considering starting their own pen test company.
  • 00:15:00 The video discusses three paths to becoming a pen tester: working in your current employer, joining a pen test company, or becoming self-taught. Each path has its pros and cons, and the presenter encourages viewers to consider their options before making a decision.
  • 00:20:00 The presenter provides advice on how to become a pen tester, focusing on how to approach the job with a "hacking mentality." He also discusses the importance of legal permission and insurance.
  • 00:25:00 The presenter discusses the "get-out-of-jail-free card" that penetration testers need in order to do their job safely. He also discusses the two common errors that beginners make: overestimating their own ability and under estimating their own ability. He provides a permission memo that lawyers can use to get permission to do penetration testing on behalf of their employer. He finishes the video by telling a story of a friend of his, Atlas, who is an incredible hacker.
  • 00:30:00 The speaker provides advice on preparing for a career in pen testing, including building a lab and starting a blog. He recommends starting with a simple topic, such as learning about a particular tool, and then gradually expanding your knowledge. Finally, he advises setting aside time each week to practice pen testing.
  • 00:35:00 The video discusses how to become a pen tester, and suggests that readers should follow certain people on Twitter, read technical blogs every day, and compete in capture the flag competitions.
  • 00:40:00 The video discusses the opportunities available for penetration testers, including the growing industry and opportunities for skill development. It also mentions that being part of the community is key to success, and Jason Blanchard provides an overview of the Sands Pen Test Curriculum.
  • 00:45:00 The dream of becoming a pen tester is to have a job that allows you to think creatively and hack things and people pay you to do that. Jason advises not to over-estimate your skills, and to start by building experience through lab work and playing CTFs. The first step to becoming a pen tester is to find a tool that you are interested in and start learning it.
  • 00:50:00 The video discusses the different types of certifications that someone can pursue in order to gain a foothold in the InfoSec field. The main point is that, while a degree may not be a requirement, having the right skills can help an individual stand out from the competition.
  • 00:55:00 The video discusses ways that pen testers can improve their command line skills, writing skills, and networking skills. It notes that there is a wide range in salary for pen testers, and that those in positions of authority (enterprise vs. boutique) are typically paid more. It also advises individuals to focus on skills that will give them the most value to their employer and recommends watching Jason Blanchard's talk, "How to Social Engineer Your Way into a Dream Job."

01:00:00 - 01:00:00

The presenter discusses the importance of pentesting, and provides tips on how to become a pen tester. They also mention upcoming webcasts on the topic. This is a great resource for anyone interested in becoming a pen tester.

  • 01:00:00 The presenter discusses the importance of pentesting, and provides tips on how to become a pen tester. They also mention upcoming webcasts on the topic.

Copyright © 2024 Summarize, LLC. All rights reserved. · Terms of Service · Privacy Policy · As an Amazon Associate, summarize.tech earns from qualifying purchases.