I am in need of some advice. I have been in the Security industry for about two years now and I feel that I'm at a figurative fork in the road. I have talked with allot of people and been to a few trainings for both offensive and defensive. Some people have said I need to make a choice in what direction I want my career to go. So that being said I have no idea where to go, there are parts of both offensive and defensive that l like. I also know that you really need to know one to be good at the other.
I know that on the pen-testing side you need only find one mistake by the security team to own them. Now that sounds fun kind of like the gotcha factor. On the other hand I like the constant cat and mouse game of exploit found hurry and patch or update. Then there is the part of how,what,who and when that is also interesting to me.
So as you can tell I am not really sure what I want to do. Does anyone have advice on something that helped them decided which "road" to take?