Agree with Chris on the propaganda points.

The event would likely be in Glasgow, if the numbers are high enough

Hi,

Just wanted to try to gauge some views on demand for offsec pwb live course which leads to oscp at a UK location, I would love to attend the training but if like me your not able to secure funds for the course/travel to the US it would be great to get them to come to us!

I would be interested to find out if I can gather enough interested bodies to possibly attend the live training. Pm me if you think you would or if you have any questions.

http://www.offensive-security.com/information-security-certifications/

With regards to the cheaper option at Elearn security. I am on that course at the moment. The web application assessment is very hands on. The courseware presents you with a number of concepts on the tools and techniques aswell as a number of training videos to get you off and running, with a focus on delivering a report like you would be expected to do as part of the job. The course also forces you to think for yourself, which in my opinion is a good thing.

The forums provide the main mechanism for support and do contain other useful information and a chance to submit questions, where either other students will assist or refer you to other external materials or you will get an answer from armando the trainer.

At the moment there is no official material for WiFi, but I've asked questions about this area in the forums and still recieved useful info even though its not part of the curriculum yet.

Hope this is useful.

Got my copy  but still reading some other materials at the moment. I'll hopefully get to it soon and come back with views.

I don't think the US or the UK will like the feeling of looking control of media outlets, especially when you look at the impact of social media.

For example in the UK there is a campaign group that is building momentum. UKuncut

What I have found interesting is that this online protest group managed to force mainstream media attention and have been gathering followers/activists at a what I think the government must be thinking, shit what do we do with this, my bet is they would love to shut them down.

Unfortunately the organised trade unions don't seem to have yet harnesses the potential power of quick responsive communications to get things happening. Though I have seen a bit more use, which I think is encouraging.

The protest I joined at the weekend about cuts to our education system, was also policed so badly and people where able to record this, upload pics and videos from smartphones there and then, which must be a killer for the gov as they then find it harder to put negative spin on the protesting in attempts to put down the campaign.

It's becoming a more difficult time if to be a "democratic" society and still bullshit your people. So all there seems to be left is to have a "fear" button, that can be used if it suits capitalist democratic societies. Just incase people decide to all take up their democratic rights at the same time, which is not good for profits.

Interesting times.

Should really have said 1 day during the week. I spend evenings and weekends also researching plus its part of my main job.

Thanks guys for your inputs.

Based in Scotland

To get you started on your info gathering:

http://www.cisco.com/web/learning/le3/le2/le0/le9/learning_certification_type_home.html

http://www.comptia.org/certifications/listed/network.aspx

Plenty of books and YouTube videos that are easy to find. Plus discussions in the cert forums here.

Ive no issue with studying with someone else.  Don't know about being able to mentor but sharing knowledge and skills sounds useful to me.

Hi,

Curious about the views of the experienced.

Working away at security research and certification. Starting to find this to be the direction that I want to take my career in. It was many years ago after my first course but I had much to learn at that time to get this far.

I will be freeing up 1 day per week to totally focus on making progress.

I've written to some local companies offering my services, I would say at an extremely affordable rate. My thinking no better way to expand my skill and knowledge than in a role. In the mean time there are plenty of practice vm to use.

So far no takers on my offer, so I'm thinking I can offer to my services on my own for small enough projects. My only concern is the legal issues,  any tips here most welcome.

Any views about, being free 1 day per week, do you think there is a chance realistically a company could use someone for 1 day per week? (Sec company)

I've also joined the local owasp group to see what I can do there and learn from.

Thanks for your post foip. I will be checking this out with my lab. I am very interested to see more demonstrations of burp.

Install linux on a laptop or your home system and get started.

I would also recommend reading the CEH materials as a good place to start, you do get a broad understanding of various issues around security.

eCPPT is also good in terms of making you focus on web application testing and the security issues surrounding this area, which realy should become more of a challenge and focused role as more people move into the "cloud".

Certs are always a way of cutting the number of applications into a short list. Also from a PR point of view from the company perspective they offer value to potential clients.

I would also suggest that perhaps you have a look in your area's for any business meetups. Try to contact the organiser and offer to do a free presentation on security, I have done this recently on two occasions and it went quite well. I have a few more contacts and I am hopefull that I will get a project or two to work on which I can add to my CV (resume)

See this for an example:

http://www.glasgowtechnet.com/calendar/15676811/?from=list&offset=0

Ok its not paid work so far, but I did learn from the challenge and I also enjoyed my time.

Depending on your experience of various other technologies.

You may for instance want to start looking at:

Network + or CCNA (if you need networking concepts understanding) type material.
You should also be familiar with both linux and Windows OS
Your programing experience will be useful.

You can then have a look at the likes of CEH, if you want a broad understanding of security concepts.

Perhaps eCPPT if you feel you have the basics under your belt and want to focus more on penetration testing techniques.

Hopefully this helps. There are a number of other discussions in these boards around certification.