- Find an area that interests you the most and focus on it. When you are starting out in security it is best to specialize, this is good for both — employment opportunities and personal growth.
- Be prepared to work hard, security isn’t easy. The more you dig into a topic the more you spot gaps in your understanding, treat it as an opportunity to learn new things and keep at it.
- The learning never stops in security, things constantly keep evolving, and if you stop staying current, you will fall behind. This is the harsh reality, it is what makes security exciting and hard at the same time.
- Don’t compare yourself to others. It will only feed your self doubt.
- Start with the theory, test it out and then apply it. Don’t be afraid to get your hands dirty.
- Work on bug bounties, it’s a great way to learn new things and get your name out there. As a student you might not get access to a lot of real world applications, bug bounties give you that exposure. Try out CTF challenges and wargames as well, another great way to get your hands dirty.
- Blog as you learn, it’s a great resource to your future self and gives you a lot of visibility.
- Understand what a vulnerability is, why it happens, how to test for it and how to fix it. It’s as important to know how to fix things as it is to break things.
- Don’t be afraid to ask questions, learn from people around you. See how they approach problems, and how they tackle the unknown.
- It’s ok to say, “I don’t know”. Write down things that you come across in your day that stumped you and look it up later.
- Go to local meetups and conferences, students get discounts and can even land travel grants. If you can’t attend the conference look up and watch the videos.
Security Engineer in silicon valley, foodie, gamer and serial doodler. Specialize in red teaming and application security.