I’d like to get answers to the following things:
1 - What kinds of security testing are there?
2 - What are the prerequisites that one needs in order to get started in security testing?
3 - Does it matter how you learn the basics i.e. by getting a CS degree or self learning?
I get the feeling that there are people and courses out there which make it seem (intentionally or not), that anyone can become a security tester by just taking a few random courses, by getting some certifications or by mastering a few security testing tools. I am skeptical about this.
I am sure that most testers could do some kind of security testing. But, I don’t know if they can become experts. Are there some kinds of security testing jobs for which a CS degree and/or certifications should be mandatory? Are there any kinds which don’t really need degrees/certs? What are the career prospects for someone who does jobs which don’t really need degrees/certs?
PS - Related post How to get started in Security Testing?