get hired as a pen tester

One of my favorite blogs, Security Monkey (or A Day in the Life of an Information Security Investigator), made a post about how to increases your chances of getting into the lucrative and fun field of penetration testing. The comments are nearly as good as the post itself and I definitely wanted to keep this around.

cissp study guides

This link I have not tried recently, but I believe these are still free study guides for the cissp and should still be pretty informative. I read one or two about a year or more ago, and file away the link for a time when I could more fully pursue the cissp. I believe these are from Shon Harris and hosted by this site as a sponsor.

Of note, Shon Harris also has CISSP training that you can pay for and attend.

pictures from cdc2005

Link to pictures of the CDC 2005 event at Iowa State University. The CDC is the CyberDefense Competition held at ISU where teams of students attempt to defend their networks against a team of attackers (usually area professionals) over the course of an entire weekend. The event is reminiscent of Defcon’s Capture the Flag, but with a much more instructive mentality. I wish we had this much stuff in this field at ISU back when I was a student! A version of this is also being held annually where high school teams are the defenders and college students are the attackers.

information overload

Information Overload. Kind of hard to admit that I am nearing that point, since I completely love learning things and absorbing knowledge. But the IT, techie, world has been doing that to me lately…really kicking my ass. I want to learn so much, catch up on things over the years that I missed because I wasn’t a packet geek or into coding as a child (yeah, right!). I have an entire different part of this site dedicated to postings and news and links and tidbits of knowledge that I have happened across in the past few years (I keep these separate because, well, it’s just for me). I have a huge list of bookmarks in my web browser that are “pending” things to check out, usually tools, large sites, or long papers that I didn’t have time to fully deal with back when I was made aware of them. I have dozens upon dozens of books that are half-started or not yet read…as if just owning them means I can somehow claim the knowledge locked away.
I don’t have enough hours in my day, enough days in my life, to learn all this stuff like I want to learn it. That’s frustrating beyond belief.
Couple this with my recent soul-searching about my career. I love my career to date and where it is going, but I’ve had some thoughts that maybe specializing a bit more would be beneficial.
Now that I was working on “that other” part of my site that will remain mysteriously locked away, I have realized that my categorizing of information is almost manic at this point. It is still a mess and I’m not happy with having all this knowledge in front of me and just not having the time to get to it. Maybe I should specialize that too?
It kinda makes sense, but while I am happier to do this with my young career, I’ll likely not adopt that quite too soon with my thirst for knowledge…but I certainly need to slow down and instead of blitzing this realm, to sit back, clear off the desk, and focus on a few things at a time and truly enjoy and experience them.