Kyser Clark interviews Trent Darrow, a senior penetration tester and cyber protection team crew lead. They discuss Trent's background, certifications, and his role in building a red team. They also touch on ethical dilemmas in the industry, the effectiveness of certifications in preparing for real-world pen testing, and the importance of skills like time management and effective communication. In this conversation, Trent and Kyser discuss time management in cybersecurity exams, the challenges of scanning large networks, the role of a cyber warfare technician, the transition between civilian and military careers, strategies for preparing for the OSCP and OSEP exams, the value of participating in CTFs, and the future of the cybersecurity field.

Connect with Trent Darrow on LinkedIn: https://www.linkedin.com/in/trenton-darrow/

Takeaways:

Trent's background spans help desk, IT specialist roles, network engineering, and cybersecurity contracting, with certifications like OSCP, GCFA, GWAPT, GPEN, and GCPN.

Real-world skills like time management, note-taking, and communication are crucial, differing from those needed for exams or CTFs.

Ethical dilemmas, such as downgrading findings to please clients, can be common in the industry.

Preparing for certifications like OSCP and OSEP requires practice, extensive note-taking, and ensuring tools work properly through a proxy.

AI isn't a threat to cybersecurity jobs, but learning web application security is essential for staying competitive.

Connect
---------------------------------------------------
https://www.KyserClark.com
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark

Music by Karl Casey @ White Bat Audio

Attention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.

The postings on this site are my own and may not represent the positions of my employer.

Kyser Clark and Evan Isaac discuss their experiences and insights in cybersecurity. They cover topics such as certifications, content creation on LinkedIn, web hacking resources, job searching advice, and the importance of offensive and defensive cybersecurity skills.

Connect with Evan Isaac on LinkedIn: https://www.linkedin.com/in/evan-isaac/

Takeaways

• Certifications like OSCP and eWPTX are valuable in cybersecurity, but other certifications like PMPT and CPTS are gaining recognition.
• Creating content on LinkedIn and other platforms can help build your personal brand and network in the cybersecurity industry.
• Web hacking resources like PortSwigger Academy, TryHackMe, and Hack The Box are great for learning and practicing web application security.
• When searching for a job, networking and building connections are crucial. Contact recruiters and professionals in the field, and consider posting content to showcase your knowledge and skills.
• Both offensive and defensive skills are essential in cybersecurity. Gaining experience in blue team roles can provide valuable insights for red teaming and penetration testing.
• Stay consistent, never give up, and continue learning and growing in cybersecurity.

Connect
---------------------------------------------------
https://www.KyserClark.com
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark

Music by Karl Casey @ White Bat Audio

Attention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.

The postings on this site are my own and may not represent the positions of my employer.

Kyser Clark interviews Nouha Ben Brahim, a Python programmer turned bug bounty hunter and founder of No Breach. They discuss Nouha's journey into cybersecurity, the most concerning cyber breach, common web hacking vulnerabilities, becoming a speaker at events, starting a cybersecurity company, and Nouha's podcast, The Hackers Line.

Connect with Nouha Ben Brahim on LinkedIn: https://www.linkedin.com/in/nouha-ben-brahim-4b749b278/

Takeaways

• Transitioning from programming to bug bounty hunting requires experimentation and learning the basics of hacking.
• Common web hacking vulnerabilities include GraphQL flaws, authentication issues, and IDOR.
• To become a speaker at events, choose a topic that tells a compelling story and resonates with the audience.
• Starting a cybersecurity company requires building trust, providing high-quality solutions, and staying up to date with industry trends.
• Podcasts are a valuable platform for sharing knowledge and connecting with experts in the cybersecurity field.

Connect
---------------------------------------------------
https://www.KyserClark.com
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark

Music by Karl Casey @ White Bat Audio

Attention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.

The postings on this site are my own and may not represent the positions of my employer.