Top 5 Things That Will Get You The Job

Cyber Security Success

You’ve done the training. You’ve practiced. You’ve searched for Jobs, but have come up empty handed.

Here is my list of the Top 5 Things You NEED to do to land your dream job!

  1. The Resume that puts other resumes to shame. A resume is just as important as your skills and training. If you can’t write a resume that is direct and to the point, you’re finished. Remember, you’re not dealing with technical managers at first. You usually meet with a non-technical interviewer. You’re second interview may be with a Technical Manager.
  2. Dress to Impress. When showing up for your interview, do not look like you were out drinking with friends the night before and just rolled out of bed. Men, you should wear a suite and tie. Women, a nice business suite/dress. For both men and women, you’re appearance speaks volumes about you. Look sharp, but not over the top.
  3. Direct Eye contact. Direct eye contact with your interviewer is very important. You have nothing to be ashamed about, or nervous about.
  4. Speak clearly. Speaking clearly, and directly will improve your chances of success. Be sure to speak at a normal pace, and with passion, but not over the top. Fast talkers, or jittery talkers, you should practice mock interviews with people you feel comfortable with, like family members or your significant other.
  5. Last but not least. Be Early! It shows dedication, professionalism, and speaks volumes about what kind of employee you will be. But there is a catch, being too early can have the same effect.

If you are interested in the potential for a career coaching course, where we will go over in detail how to go above and beyond these Top 5 Things You Need to get your Dream Job, we will be offering a course on that soon. Be sure to subscribe to this blog to receive the email update when that course rolls out.?

Sharing is Caring:

Age is Just a Number

Cyber Security Has No Age Limits.

I often get asked by potential students “I’m xx Years old. Am I too old/young to get started in Cyber Security?” and the answer is always the same; no.?

At Pentester University we have students of all ages, some not even in high school yet, and some that are retired from another previous career. The fact of the matter is, that no matter how old or young you are, its never to late or too early to get started in Cyber Security.?

Here’s the thing; your age will not determine your learning abilities, despite the old saying “You can’t teach an old dog new tricks, and you can’t teach a young old tricks.” It’s you who determined your learning abilities. With hard work, determination, and focus, you can learn Cyber Security at any age. Heck, I know some 5 year olds that know how to use an iPhone better than me. Whose fault is that? Mine. Why? Because I haven’t devoted the time to adequately learn more about it.?

At Pentester University, I try and break down all of the technical jargon and media based buzz words into something that you can easily understand. Something you can digest, and retain without it being super boring like similar online training has been known to be.?

Sharing is Caring:

Scope Creep: Escaping the Madness

Have you heard the term “Scope Creep” before? Chances are you haven’t, because it’s one of the most commonly missed things to be mindful of in Information Security / Cyber Security.?

What is “Scope Creep”?

Usually during the pre-engagement phase of Penetration Testing, while you are defining your contract, you set aside a block of hours that you feel will serve as the proper amount of time to properly test your client according to the SOW (Statement of Work). This block of time is considered as the “Scope”.?

Scope creep is when a client commonly says to you “Oh hey, While you are here, can you test this ________ also, it’s something we forgot to include in the initial engagement.” And trust me, this happens more than it doesn’t. And most Pentesters are so happy to have landed another contract, they work harder to oblige the client, and work it into the already existing scope of work.?

But here’s the thing; aside from the legal problems this can pose, it will eat up more of your pre-determined block of time (scope) and you will find yourself working longer, thus decreasing profits. ?Now if you have been enrolled in our Penetration Testing for Beginners course, you will know that I constantly bring up this issue, and warn you should never work for free. In fact, there is a way to hit the ESC key on this common debacle, while still meeting the clients request.

 

Escaping the Creep:

One successful way I have found to do this is is approaching your client in a manner that makes them aware that you want to help, but also you need to get paid extra. ?For instance:

“No problem Mr. Customer, I certainly understand. So what I will do is have a separate Statement of Work drawn up to include the added time and resources?that will go into testing the additional resources you mentioned. Once we?get that signed and returned back, we will go ahead and work that into the schedule. Where should I send it, to your email?”

You should never ever work for free. There will never be any benefit to it, and in fact, most clients will take that as a sign of weakness, and during the rest of your business relationship, will always seem to have “Forgotten to include that” in the statement of work. It’s a serious trap. Don’t fall victim to it.?

So by now, I hope that you are able to understand how Scope Creep can negatively impact your time and resources, and now how to effective hit the ESC key in a manner that makes the intent clear and concise.?

 

If you have enjoyed this article, please share it with your friends and colleagues.?

 

 

 

www.PentesterUniversity.org

Sharing is Caring:

Trumps Cyber-Security Executive Order

No matter if you love Trump, or hate Trump, he’s serious about the future of Cyber Security

Last week President Donald Trump issued an Executive order outlining his plans for Strengthening Americas Cyber Security Infrastructure. ?You probably haven’t heard much about it though, since it was immediately eclipsed by other news events like the Firing of FBI Director Comey, and then the super outbreak of the WannaCry super bug.?

According to TechCrunch’s Article one key thing that is important for us in the Cyber Security Private sector is this;

The EO?s call for federal government agencies ??especially civilian agencies ? to seek opportunities to share cyber technology makes a great deal of sense.”

And that couldn’t make me any happier, especially since Fridays Super Bug WannaCry kept SecOps up well over the entire weekend. Also, that is GREAT NEWS if you are seeking to start your own Cyber Security Firm.?

In Fact, since this news broke, I have received a ton of emails and calls regarding our Cyber Security Career Coaching services.

Do you remember the dot com boom of the late 90’s, early 2000’s? This is very similar, expect, unlike the dot com boom, there is no bubble or crash insight in the foreseeable future. So, roll up your sleeves folks, Cyber Security is going to be strong, no scratch that, Super Strong in terms of Budgets and Earnings. Are you ready for it?

So if you have been contemplating a Career in Cyber Security, and have questioned the validity and the future of the field, you now have your answer. Timbuk 3 (an 80’s Band said it best: “The future is so bright, I gotta wear shades”

 

 

 

Sign up for a 10 Day Ethical Hacker?Training Trial?

Sharing is Caring:

WannaCry Ransomware

WannaCry – The Latest Ransomware Romancing The Internet

 

The latest Ransomware to hit the market is called WannaCry and has already stricken over 12 nations already. Everything from hospitals to governments, to police stations. Their computers are now all being held hostage.?

This quite reminds me of when the ILoveYou Virus came out, and the Melissa Bug. Ahh, good times.?

All of this was made possible by two things; A Vulnerability that exists inside of Microsoft Windows, and was ONLY Found by the leaked NSA hacking tools and code.

The Hacker in control of this Ransomware is demanding 300 Bitcoin which as of today is worth roughly $511,869.00 U.S. Dollars.?That’s quite a bit of money to get their machines and data back. And sadly, some people like Hospitals and Banks will be forced to pay it. Effectively making the Ransomware creator a millionaire over night.?

So It’s been spreading via email in a zip file. So, don’t open any files from anyone, especially not a zip file. Turn off SMB/Cifs inside of your windows 10 machines, and keep good backups. Oh and stay current with Updates 🙂

Personally, I hope this is a wake up call for the global community that Cyber Security is important, as well as other areas of IT, like backups, system monitoring, fault tolerance, etc.?

 

 

 

www.PentesterUniversity.org

Sharing is Caring:

I Know Everything

“I Know Every Thing” – The Cyber Security Pitfall.

Chances are (especially in this field of Cyber Security) you’ve worked with someone who claims to know it all. And you’ve probably quickly noticed that they don’t. Ugh, I see it all of the time. I’ve worked alongside plenty of these “Know it all” types, and the fact is, they only knew what they read in a book to pass their certification test. If I had to guess as to why they act this way, it’s because of self doubt and inferiority complexes. If they could just get past that and humble up, they’d probably be fine.

It’s impossible to know everything, regardless of the Career. The so-called “Gurus” don’t even know it all. In the field of Cyber Security, this is especially true. Cyber Security, on both of the offensive and defensive side, changes so rapidly that it’s virtually impossible to know everything. Heck, you’ll never catch me saying that I am a “guru” or “Know it all” because I’m not, and I don’t. There is always something new to learn in this rapidly changing career. The sooner you realize that, the better off you will be.

The key to a successful career in Cyber Security is to be humble, among other things. Keep learning, keep moving forward, and don’t get discouraged. Our ideal student at www.PentesterUniversity.org are complete beginners. Why? Because normally there is no “I know it all” attitudes, and that is important for their success with our personalized training.

Stay Humble My Friends.

 

 

 

 

Sign up for our 10 Day Trial

Sharing is Caring:

The Memory Dump

Often times as people of the digital technology age, and especially as Penetration Testers we tend to get “Information Overload”, just like computers. And much the same as computers, we need to do a Memory Dump, before we crash.?

I felt it was important to write about this in a blog article, because we all need to step away from the screen from time to time, even for just a little while, so we can regain our focus. I can’t tell you how many times I have been on a Pentesting Team, and the team spent hours upon hours going on circles just because a team member was thought to have performed a task to further the teams goal, and because of “Information Overload” simply forgot to do the task, or otherwise note the results. It’s super frustrating, so I understood; it happens to us all.

Eventually, when I was a Team Leader, before we started an active Pentest, I mandated every team member to 3 days of nothing. Meaning, no research, no testing, no report writing, nothing. It was 3 days to go do what ever they wanted (Except for the above mentioned) to clear their minds. I dubbed it “3 days of Memory Dumps, no logs”, which was quite funny at the time — Nothing worse than a memdump with no log of it lol

They key takeaway here is, what ever you do, don’t allow yourself to burn out. Take some “Me Time” out for just you. Do what ever makes you decompress and relax. Go get a deep tissue massage, go veg out and watch endless hours of Mr. Robot, or simply sleep. What ever it takes to clear your memory. You’ll thank me later when you are on an active engagement and blaze right through it like Tank from the Matrix 🙂

Shaun James

 

 

 

www.PentesterUniversity.org

Sharing is Caring:

News: Vi Editor Course is Now Open

I am very pleased to announce that we just released a new course specifically on the terminal based vi(m) Editor.

vi or otherwise known as vim is a very powerful UNIX based terminal text editor. You can quickly create, modify, save and edit configuration and text files inside of a Linux/Unix shell. You can even write programming code with vi/vim.?

In this course we discuss how to properly use vi/vim to create, edit, and save files. We also talk about how to navigate files inside of vi/vim, how to search for text and replace text, and much more.

It’s completely FREE for Members of PentesterUniversity.org and ONLY?$27 for non-members.

You can check out the course right here: Learning The vi Editor in Linux

Shaun James

Sharing is Caring: