Hello All - Just wanted to drop by and say hi to everyone!
Hello Techexams family. Just wanted to drop by and say hello and maybe encourage some of you who are just coming into this field.
I guess it was about 2003 or 2004 when I joined here or at least started to look around. I had some experience but zero certifications.
Shortly after I started studying for A+ Net+ Security+ and some of the MCSE exams using exclusively the resources on this site. And I do mean exclusively. After passing all those exams I started to focus a little more on the security certs since that was my area of expertise and practice. But just know that gaining the knowledge I gained obtaining the Microsoft certs, and Cisco certs tremendously helped me accelerate my position in the security community as I had practical knowledge and hands on with most of the technologies that existed out there. In other words I wasn't just a paper cert person, but for some technologies, I WAS A PAPER CERT PERSON FIRST, AND BASED ON THAT CERT I WAS ALLOWED TO BE IN THE POSITION TO GROW PAST JUST HAVING THE PAPER. I all caps that for a reason. It's easy for us to sit back and say to others, "if you just have the paper without the skills, it means nothing". This is 100% not true. Don't ever look at a cert that's of interest to you and say "well it's pointless for me to bother with it, because I don't have hands on". I agree, hands on AND paper together is more valuable, but this hardly means the cert alone is useless. That's only the case if you don't use it to your advantage.
I will never forget the very first forensics case I was involved in; I didn't know a ton about forensics analysis tools, but one thing I did know was how to do a Chain-Of-Custody and how to image a drive without screwing that part up. I informed the law enforcement group I was assisting of this ahead of time. But it wasn't a time sensitive case so I had time to actually dive into the Encase and FTK and master the analysis part. After all, as long as we didn't jack up the original evidence, there wasn't much we could do to mess up the case! But the key is, I had the basic certs required to at least get me looked at or in the door.
Fast forward to today; I run/own a very elite penetesting and digital forensics firm. We do work all over the world for agencies, and fortune 500 companies on a regular basis. Recently as a company we have been doing a ton of network forensics and technical incident response and breach containment. I've been on the news, in newspapers, and articles, and everything in between. My focus personally and what my role in my company has been in the last few years is R&D and acting in either an advisory role or evangelist role. If you look at the companies who are the lead vendors in the security world, , I've worked with just about all of them and continue to do so in the areas of product development, product testing and other things. If I'm not working on a pentest or a case, my typical day goes like this.
Vendor: "Hey we have this $600,000 appliance that we want you to see if you can get past with all the stuff you normally do to get past security appliances".
Me:Sure, here's my hourly rate for this R&D project (which is a way to say i get to just sit and play with cool technology and bill a crazy hourly rate for it).
Vendor:"Ok, we're sending you a NFS (not for sale) version of the appliance out today. We just emailed you a new contract for this prodcut, sign it and get it back to us"
Me: "OK, thanks again!"
Deal done.
This paragraph is the most important of everything I'll say. I attribute MOST of my early success and the door being opening to the time I spent on this site learning. And just as importantly sharing what I'd learned with others on this site. I was recently doing a lecture for about 75 Systems Engineers for a popular security appliance and one of them asked how I gained such a wide and deep knowledge base in so many areas in such a short time. After pondering that question for a moment I realized that Techexams was the pivot point, the catalyst, the initial strike of fire that would eventually light my engine and send me on to opportunities I could have never even dreamed of 10 years ago. Here's some advice to those of you trying to get to that next level.
1. Write out your goals in a excel sheet or something. What certs do you want and what job do you want to be doing. Trust me, write it out and check this off 1 at a time as you accomplish them.
2. Help other on here when you can. Don't be harsh, don't be condescending (you can even see me being guilty of this in some of my early posts on here). But don't. People are here to learn and get help. Be part of the solution. It will get you further in life.
3. Take the opportunity to learn something new every single day. And there's no better place to do that than here.
4. Remember one of my favorite quotes; "Luck is the meeting of preparation and opportunity" The more you prepare, the luckier you will eventually get. You have little control over the opportunity part, but you have 100% control over the preparation part, so own that part and do it to the 1000th degree! You'll thank me later!
5. If you go through a technical process and you don't understand it when you're finished. Seek guidance, but more importantly, do not stop. Go through it again, and again, and again, until you get it.
I hope this helps some of you. Keep studying and stay focused!
