Infosec Engineer AMA - eviltoast

Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I’ve worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I’m also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

  • shellsharks@infosec.pubOPM
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I’d be either very broke or have to be very rich to have paid for all of those haha. Fortunately, I worked for a company that had a very generous training allotment. I’ve also managed to take quite a few entirely free by being part of their vTA (virtual TA) community, whereby I help instructors throughout the week of the course with student questions, lab setup, etc…

    I can’t go into too much detail on vulns specifically but I’ve found a number of high impact vulns in public-facing websites for companies I have worked for as well as one vuln in a popular proxy appliance that I should have submitted a CVE for but never did at the time.

    • PenguinCoder@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      We may have crossed paths if you TA for SANS… Pretty sure I know some other details for that proxy appliance vuln, or maybe it’s just a real common vector.