Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!

  • MisuseCase
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Hi CISSPs and other folks with cyber-focused certifications! Did you know that you can often fulfill your CPE or other continuing education retirements by listening to podcasts? Well, now you know! Here’s my secret to keeping up with those CPEs - the Security Now! podcast with Steve Gibson and Leo Laporte.

    You can also find summaries and transcripts of past episodes on Gibson’s website, which is refreshingly old-school and script-free.

    • Anonymoose
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Thanks, this is helpful as I’ve been travelling for a while and way behind on those CPEs.

  • 🦄🦄🦄@feddit.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Hey people Software dev here with 7+ years of experience, tech stack is mostly Java/Typescript/Angular/Node. I’m kinda sick of the day-to-day business of solving bugs and the occasional new feature and would like to dive into the cybersecurity industry. Was hoping my experience is somewhat useful for that.

    Do you know the place to start for someone who would like to switch careers like that?

    • shellsharksOPMA
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Ex-devs generally gravitate towards “DevSecOps”/Cloud/AppSec roles. There is a need in the infosec industry to have competent developers so if you have that skillset you need only to pick up some cyber know-how. Portswigger has their web security academy and there is OWASP which provides a ton of great resources. Start getting into those things and put them on your resume and you should start to have a path into infosec.

  • himazawa
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Playing around with the SecureFlag platform, pretty interesting IMHO. Also want to start a new language to stick with, I am pretty undecided between Zig (but is not memory safe by design) elixir (functional programming still isn’t my thing) and nim (can’t handle any more language with indentation-based codeblocks).

    Any suggestion is welcome, I will use them to build mostly security tools.

    • highspire@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Just noticed Zig with the 2023 StackOverflow survey. Stood out as a language people seemed to be happy with, and paid a lot. I tried elixir for a day and, like you, it wasn’t my thing. For what it’s worth (less than the cost of the electricity used in the process of posting my comment), I say maybe try Zig

      • himazawa
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        For now I am pretty happy with zig, the semicolon mandatory is a bit annoying tho.

    • shellsharksOPMA
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Never even heard of Zig or elixir but I have heard of nim. Doesn’t mean much but that’s about all the input I have for this one =P.

  • vpz
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Starting Offensive Security EXP-301 Windows User Mode Exploit Development next week. Binary exploitation isn’t needed much in my work, but need it for OSCE3. After this I hope to be able to stick to normal training courses built for working professionals - instead of second job for many months plus grueling 72 hour exam + reporting courses. “Just one more and then I’ll quit”. Lol.

    • shellsharksOPMA
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Hah, I’ve been telling myself that for years…“just one more…”.