Options
Doubts regarding Career in Pentration Testing
sagarkha
Registered Users Posts: 2 ■□□□□□□□□□
I am a new member at techexams.net and I seek you suggestion for a career in penetration testing . Guys, I have seven years exp in IT field. Initialy i started working on Windows Support and later moved to Network Admin working on router, swithces , firewall, IPS,IDS, ISA proxies, datacenter implementation. Presently i am working on Bluecoat & Mcafee WG proxies, SIEM tools(RSA Envision, Nitrosecurity), Rapid7 Vulnerabilty Assement etc. Apart from my job task, i like to play around with Backtrack, do some scripting with Perl, VB6, Expect. For example i created some scripts like ARP Spoofing attack in perl, a trojan in VB6 etc. Also, last year I cleared CISSP as well. Guys, all of my experience includes Networks/Security Operations and now i want move to Penetration testing, but i have a lot of doubts, so please answer these questions or send me the link of any other related thread:
q1 What is the differnce between consulting and PT. I think consulting people do IT Audits for SOX, PCI etc and PT people do auditing for websites, external IP addresses. Am I correct ?
q2 With my current experince and certs can I staright away move to PT or do I need to do certs like OSCP or GWAPT first.
q3 In India, I can see a lot of job opening for Web App Security, so shall I do GWAPT instead of OSCP /GPEN.
q1 What is the differnce between consulting and PT. I think consulting people do IT Audits for SOX, PCI etc and PT people do auditing for websites, external IP addresses. Am I correct ?
q2 With my current experince and certs can I staright away move to PT or do I need to do certs like OSCP or GWAPT first.
q3 In India, I can see a lot of job opening for Web App Security, so shall I do GWAPT instead of OSCP /GPEN.