Penetration Testing mailing list archives
RE: Pen-testing Internships?
From: "Meidinger Chris" <chris.meidinger () badenIT de>
Date: Thu, 8 Jun 2006 01:06:22 +0200
This topic would interest me greatly as well - though I pen-test from time to time I mostly do more general security work. I'd love to hear any tips or ideas you guys may have about breaking into the pen-testing field full time, which seems to me to be the only to maintain a high standard of quality. Thanks in advance, Chris
-----Original Message----- From: Erin Carroll [mailto:amoeba () amoebazone com] Sent: Wednesday, June 07, 2006 7:26 PM To: rkraus () unguarded org Cc: pen-test () securityfocus com Subject: Re: Pen-testing Internships? All, I let this one on to the list more to discuss internships and various ways to obtain a working portfolio/knowledge in general and what list members have done or seen work in the past. If you wish to address Rob Kraus' specific interests (internship offers etc) please email him directly to reduce list clutter. I'd really prefer Rob's submission kick off a discussion which would apply to anyone seeking working experience in pen-testing. On Wed, 7 Jun 2006, rkraus () unguarded org wrote:Hello List! I have been monitoring this list for some time now and findit to be avery good resource for learning and collaboration among IT Security professionals. Here is my dilemma. I am fairly well versedin networksecurity and spend as much time as I can in learning moreand applyingwhat I already know. My IT experience in design andimplementation isfairly good and work with customers daily to providereliable solution toconcerns and expanding infrastructure. My goal is ultimately to become a full-time penetrationtester and networksecurity analyst. Even though with my experience I do not feel 100% comfortable with offering these services to customers atthis time simplybecause I have not been field tested in the area ofpenetration testing asof yet. At least not on a customer-provider type of relationship. The next logical step for me is to try and gain experienceto add to myportfolio and reputation. I guess the nitty-gritty ofthings is that Ineed to put myself where I am working beside professionalsin the field togain experience directly. My questions are: 1. Does anyone know of any opportunities to work besidepeople in thefield now, an internship possible? (I am not looking for pay, just experience) 2. Does anyone know if there is mentor type program tohelp me get to mygoals? 3. Is there anyone on this list that would be able orwilling to provideme with the opportunity of such a position? I know this sounds straight forward, as I usually like toget to the pointof things. At this point even having a person like me doing nmap and general footprinting as an apprentice would even make mehappy. I wouldalso be open to a phone interview for such a position justto elaborate onwhat my capabilities are currently. Even if there is noopportunity outthere I would be very happy if someone would even just talkto me offlinevia phone so I can explain where I am at and maybe give mesome advice toget me to where I want to go. I would be interested in any advice from the list on bothtechnical andbusiness side of penetration testing/security auditing to broaden my knowledge. Thanks, Rob Kraus San Antonio, Texas-------------------------------------------------------------- ----------------This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one towin the Analyst'sChoice Award from eWeek. As attacks through webapplications continue to rise,you need to proactively protect your applications fromhackers. Cenzic has themost comprehensive solutions to meet your applicationsecurity penetrationtesting and vulnerability management needs. You have anoption to go with amanaged service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how amanaged service canhelp you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for youto confirm yourresults from other product. Contact us atrequest () cenzic com for details.-------------------------------------------------------------- ------------------------------------------------------------------------------ ---------------- This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. -------------------------------------------------------------- ----------------
------------------------------------------------------------------------------ This List Sponsored by: Cenzic Concerned about Web Application Security? Why not go with the #1 solution - Cenzic, the only one to win the Analyst's Choice Award from eWeek. As attacks through web applications continue to rise, you need to proactively protect your applications from hackers. Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. You have an option to go with a managed service (Cenzic ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can help you: http://www.cenzic.com/news_events/wpappsec.php And, now for a limited time we can do a FREE audit for you to confirm your results from other product. Contact us at request () cenzic com for details. ------------------------------------------------------------------------------
Current thread:
- Pen-testing Internships? rkraus (Jun 07)
- Re: Pen-testing Internships? Erin Carroll (Jun 07)
- Re: Pen-testing Internships? Tim (Jun 08)
- RE: Pen-testing Internships? Meidinger Chris (Jun 08)
- Re: Pen-testing Internships? Erin Carroll (Jun 07)