Fair enough. Just remember, there’s more (a lot more) to infosec than just Hack the Box stuff.
Pure appsec certs off the top of my head… OSWE, GIAC GWAPT (and others from SANS), Portswiggers Burp Suite cert, OffSec also has a 200-level appsec cert. I’m sure there are other popular ones too.
Yeah infosec is pretty huge. Do you have an idea more specifically of what you want to do? Like what type of role are you looking for or skills would you like to have?
Hard to give you a definitive answer on this one. I'd say you'd be hard-pressed right now to pull that off without a direct referral or other networked way-in. Job market is condensing, lots of (experienced) out-of-work folks looking for new roles, etc... If you aren't already in infosec, or you're not a full-time dev with some security knowledge, it will be tough. Your best bet (roughly) on things to add to your skills/portfolio would be...
- Proficiency with one or more languages that your target role company uses (and evidence of this XP)
- In-depth knowledge of OWASP "stuff" (Top 10, ASVS, etc...)
- Practical XP with attacks/exploits (via experience, CTFs, trainings, Web Security Academy, etc...)
- Some applicable certs
Some other stuff you might find useful....
Li'l late, but I've been working on some re-design for my blog. I can't overstate how much I hate CSS.
No small feat to become a top 5 hated person on the Internet for a day. Well done Internet Brands exec team.
Nice! If anything worth sharing maybe you can do so here or on Mastodon. Cheers!
GL on the job hunt. Layoff season is here and I can just feel the market being squeezed rn.
Ooph. Rough. Hope that worked out!
Ah nice. I’d be interested in checking yours out when you have a v1 ready. I have a page on my site that is a resume but always looking for inspiration on how else to design it, etc…
Who’s asking for this? The future is bleak