forum.defcon.org

g3k_ started a blog post Rambling On
November 9, 2009, 06:15

Share

Tweet
Rambling On

So in an effort to not be a computer janitor for the rest of my life, I've been blitzkriegging on my certs so that one day I can be a pentester. I guess the eternal question has yet again come up, "do these certs really matter?"

I can't answer that. I know people who have their CompTIA certs, their MS certs and they don't really know their stuff, or they are in a place where their employer can't let them use the knowledge they may have learned in order to get those certs. In listening to Exotic Liability, I hear that it is a problem in the security industry too.

I don't have a college degree. I know that is fairly common, but I've always been told that certs were the way to go if you don't have a degree. I can't really find a job working in the field, even as a low level security pentester (Dong of America: Florida, not going anywhere any time soon) I'm not really all that skilled in a lot of hackery type things, but if anything I just gotta work at it enough. (tl;dr get my ass in gear and build my lab up) I'm not sure that I will ever contribute great things to the community, but I want to be above the standard lately (that I've been hearing about) of 'professional' pentesters and as they said on EL: social-security engineers and tool runners. We need security justice!!!

Speaking of tool running, I recently got my ACE cert through work using the FTK for computer forensics. I work in law enforcement, if I haven't made that apparent yet. I was volunteered at work because I'm interested in security and I usually complete my work very fast and have multiple projects finishing at any one given time. While the toolkit is nice and it does it's job very well, it is not what I imagined computer forensics to be. In fact, the most difficult part for me was learning how chain of custody worked. It was a huge disappointment. Ah well.
Tags: None
10 - 12

12 comments
- #10
  
  AgentDarkApple commented
  
  November 19, 2009, 08:25
  
  Editing a comment
  
  Here is something that may help you if you're willing to go to school, just not on your $ http://smart.asee.org/. I will likely be done with my bachelor's before the award is given out, but I may apply for it to help with my Master's later.
- #11
  
  g3k_ commented
  
  November 19, 2009, 11:31
  
  Editing a comment
  
  Thanks for that, sadly, because of my stint at community college, they wouldn't go anywhere near me.
  
  I'm gathering some information about grants and such. I'll compile a list on my blog in a future date so that others in similar situations can get some info because it is few and far between.
- #12
  
  AgentDarkApple commented
  
  November 19, 2009, 13:07
  
  Editing a comment
  
  That'd be great. The Army paid for $6000 of mine since my husband is in and because IT security is a "portable job that is beneficial to the military and the federal government". Starting in February I'll have to pay for all my classes if I can't get some aid. I'm not eligible for a Pell grant, and I refuse to take loans, so I'm still trying to find something.
  
  Don't know if it's an option for you, but there's always the military - they pay for active duty members to get a bachelor's or master's, and you could always try to go Signal Corps. Guard/Reserve can also get $ for school. My husband did ROTC, so the Army paid for most of his bachelor's, and now they're paying for his master's.
  
  UPDATE:
  I asked my professor what you can do to get into pentesting, and she recommended networking and getting to know people. She mentioned volunteering here http://www.nationalccdc.org/ and joining the group Red Team Attack and Penetration http://www.linkedin.com/groupInvitat...y=5FBF3464A778
Previous template Next

You must be logged in to post a comment.

Announcement

Rambling On

Rambling On