this post was submitted on 12 Jul 2023
29 points (100.0% liked)

Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I've worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I'm also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

[–] Penguincoder 2 points 1 year ago (1 children)

Did you pay for all those SANS certs yourself, or did the company foot the bill?

What's been the most memorable incident or PenTest finding?

[–] shellsharks@infosec.pub 4 points 1 year ago (1 children)

I'd be either very broke or have to be very rich to have paid for all of those haha. Fortunately, I worked for a company that had a very generous training allotment. I've also managed to take quite a few entirely free by being part of their vTA (virtual TA) community, whereby I help instructors throughout the week of the course with student questions, lab setup, etc...

I can't go into too much detail on vulns specifically but I've found a number of high impact vulns in public-facing websites for companies I have worked for as well as one vuln in a popular proxy appliance that I should have submitted a CVE for but never did at the time.

[–] Penguincoder 2 points 1 year ago

We may have crossed paths if you TA for SANS... Pretty sure I know some other details for that proxy appliance vuln, or maybe it's just a real common vector.