this post was submitted on 12 Jul 2023
29 points (100.0% liked)

cybersecurity

64 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
shellsharks@infosec.pub
tweedge@infosec.pub
29
Infosec Engineer AMA (infosec.pub)
submitted 1 year ago by shellsharks@infosec.pub to c/cybersecurity@infosec.pub
37 comments fedilink hide all child comments
 

Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I've worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I'm also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

you are viewing a single comment's thread
view the rest of the comments
[–] s1l3ntk1ll3r@infosec.pub 1 points 1 year ago (1 children)

Thank you! Yeah, I see myself in that deathtrap of trying to build out roadmaps and taking on way too many things a little too often haha. I definitely agree with you that AppSec is one of the most interesting security disciplines out there atm.

Given my background, I tend to gravitate towards breaking and a fair bit of defending but I'm fairly green when it comes to building. That said, I'm trying to improve my dev skills to be able to understand a developers mindset and be able to design and build an AppSec program from that PoV. On the same note, I've been looking into the CSSLP cert as a reference to help me along this journey, any thoughts on the cert or the material?

Appreciate the response and I look forward to your new content.

[–] shellsharks@infosec.pub 2 points 1 year ago

Haven't taken the CSSLP nor have I seen it asked for very much on job reqs. It wouldn't hurt to have but ISC^2 doesn't exactly have the reputation for practical learning.