Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CEPT

From: Florian Rommel <frommel () gmail com>
Date: Sat, 11 Dec 2010 10:18:37 +0200
While I agree with you,
this will wear of VERY fast. when you have demanding clients that question everything in your rport and in doing so 
increase your work AND possibly question your expertise.. you want to get compensated for this sooner or later.
I know quite a few pen testes who left "the lifestyle" simply because your work is scrutinized and questioned by 
everyone.
Understand that essentially, if you are a contractor, you test the security defenses and in doing so, question the 
reputation of the company's IT staff. Now, if it were me, I would be on edge too and believe it or not, internal staff 
has more weight and better time to explain to the management than you.
So just doing pen tests is not all you will do, and the rest of it is what stresses you and what you want to get paid 
for.

But yes i agree with you, money should not be the primary motivator.

//F


On Dec 11, 2010, at 12:21 AM, abigdeale () gmail com wrote:


No offense, but I was with you until your sentence ended with average salary. If you doing pentesting because you are 
chasing money then you are missing the point. Its about 'out-thinking' your opponent and stopping him/them. Geez. Its 
like years ago when mcse was a 'hot' cert and we got involved because we love the technology. But along came people 
that heared they can make money by having a cert, effectivly rendering - "everyone having one" and then the chase of 
"having enough certs" started.

Sorry if I took it a bit personal, but I am also looking in making pentesting a lifestyle. I'm definately not in it 
for the money, but for the satisfaction of a successfull test.

abigdeale
Int.Dipl I.T Engineering
And an arm lengh full of other certs
South Africa
Sent via my BlackBerry from Vodacom - let your email find you!

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: