We started a conversation at the TestBash Brighton UnExpo about wanting to teach, learn and share experiences year round rather than just at the conference.
So here we are! And if you interested in learning, teaching or sharing experiences about Security? Why not connect here with @danielbilling, Parul, @steven.knopf and others who are also looking to connect!
Hi Daniel, I did study about security testing and have tested the apps in my company for OWASP top 10. But unfortunately, I could not continue with it because sadly, most companies don’t want to go for it. They think that security testing is unnecessary and should be the last checkpoint (if at all). Those who want security testers need people with experience of a very a decent number of years- so that they can establish the security guidelines for that company. Just wanted to know your views on it? I am based in NZ so telling you about the market here.
I’m sorry that you have had that experience. I thought the NZ market was quite well informed on security, having spent some time there last year, attending WeTest, talking to folks and learning. I ran some workshops at Xero.
The security industry is quite specialised, but I do not think there is any harm in broadening your personal skill set to aim for the direction you want to set for yourself, not what the market dictates.
Look at the chatter on the web about T-Shaped, Broken comb or Paint drip models for skill and knowledge development.
Thanks Daniel, may be not every company concentrates on security and my exposure is still limited. WeTest is a great place to collaborate. And yeah, no harm in keeping in touch with this domain, some day it might be useful! Thanks for the links…
Ransomware prevention seems to be gaining more and more exposure and importance recently. Is anyone working on any test strategies/architecture around it?