How did you get started in security?

We all got our start in security at some point. How did you get started? What originally piqued your interest or got you started on the path toward information security?

Bonus Question - Do you have any advice for others that are getting started? What’s the best path to take in the early days?

1 Like

I got started in security out of curiosity, and necessity. I’ve been a developer for quite a number of years now, and as such have seen my skill set grow. In the past few years, I’ve been focusing on administrative duties, including server maintenance / monitoring, incident response, all the way to analysis of code bases for clients. This widened perspective has given me the opportunity to not only observe attacks, but also learn about how they are performed, and the possible methods of mitigation.

Over the past year, I decided to take a more active role of pursuing knowledge and skills relating to the field of security, with a focus primarily on Web Applications and Server Hardening. This has led me to become rather active in releasing WordPress vulnerability reports for plugins (ok - not the most challenging field, but we all start somewhere), as well as taking part in CTFs, and writing the occasional blog post.

I still see myself as a hobbyist, but I feel like I’ve learnt a hell of a lot over the past few years, and look forward to continuing to grow my knowledge base.

Advice for others

  • Don’t be intimidated
  • Read as much as you can from valuable resources, such as OWASP
  • Take part in CTFs and intentionally vulnerable VM images (check out VulnHub), and read write-ups if you get really stuck
  • Build up a list of people to follow on Twitter - there are so many great people on there that post useful information. They’re an invaluable resource
  • Test platforms known to you, either through black-box or white-box testing
  • Perform code reviews and static analysis
  • Take courses on sites like Coursera and Cybrary. Read!
  • Don’t give up, but don’t be afraid to ask. A lot of people are happy to help, or give advice
2 Likes

JaysonStreet just started a video blog and he answered this same question. Watch Jayson and ioCassie talk about how they got into InfoSec:

I got a Tandy TRS 80 when I was 11 or so and never played a game in my life. I started reversing pretty much and coding in BASIC and Pascal. I've been doing networking and pentesting for 20 years. Suggestions would be: don't give up, obviously.

The only people successful at this game would be the people who have passion for it.

  1. know Linux in and out
    • learn a new util/script every day
  2. learn something about networking and routing daily
  3. set up a lab with Proxmox at home; you can do it all on one machine and it's free. Can't beat that

peace