Michael J. Conway

There is no right answer to this. I came out of the operational military side of things without a back ground in computers. I spent more time in physical security, particularly with how it relates to aircraft. I picked up cybersecurity when I went back to school for my bachelor’s and focused on it with my master’s. While the degrees helped to…[Read more]

Along the same lines as my previous post about alternatives, the NSA has released one of their custom built tools to the public. I haven’t tried it yet, but am planning to in the near future. If you are interested go check out GHIDRA 9.0. Happy bug hunting!

https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html
https://ghidra-sre.org/

Aside from a busy end to last year and a busy start to this year, my plan is still in something of a flux. I really need to put a date on the calendar for the ITIL exam if to do nothing ore than force me to study. After that and looking at what the EC CHFI and the eLearnSecurity version, I am probably going to go that route. After that, things…[Read more]

Doc,

I love this article and it goes nicely with what I have experienced over the last decade that I have actively worked in InfoSec. What I find amazing is that we really don’t do basics well. We still think of our networks in terms of the old castle analogy. The firewall is the drawbridge to get into the castle and we thing that building a…[Read more]

This is a great read and I thoroughly enjoyed it. In 98, I went to basic and missed this completely. On the federal side of things, I think we have made more progress towards secure systems, particularly in the DoD. We still have a ways to go as cybersecurity still feels like a bolt on at times but I think it is getting better. This is thanks…[Read more]

I love the brain dump on BOFs. I was at a company sponsored class over the summer and wrote an exploit for Adobe flash the same way you just did. I hadn’t done one of those in a while and forgot how much fun it really is. For the class we had access to IDA Pro as well as another tool similar to the old Ollydbg, x64dbg. And while those tools…[Read more]

Rey,

I just finished your blog post. One question though: where/what industry are you looking to work in? My background is DoD so I tend to look at 8570 to see what the baseline certifications are and work from there for certifications and training to pursue. And yes, it has been my experience that for somethings, you cannot beat hands on.

Thanks

Tim,

Thanks for the article. I went the non-traditional route as well. I went straight to college after finishing high school but really had no idea what I wanted to do. As a result I just kind of drifted around in class and never really focused. I eventually walked into the Air Force recruiters office and ended up doing 10 years in the Air…[Read more]

Welcome to EH-Net. As Don said, there is a lot going on in security and no one cert will make you into that role. I did the CEH years ago and what Don said was true then and seems to be true now. I still had an education to get after getting my certification. Same with the CompTIA certs. They are great for giving and assessing a baseline…[Read more]