Start reading InfoSec Career Hacking: Sell Your Skillz, Not Your Soul on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here or start reading now with a free Kindle Reading App.

Deliver to your Kindle or other device

 
 
 

Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Anybody can read Kindle books—even without a Kindle device—with the FREE Kindle app for smartphones, tablets and computers.
InfoSec Career Hacking: Sell Your Skillz, Not Your Soul: Sell Your Skillz, Not Your Soul
 
 

InfoSec Career Hacking: Sell Your Skillz, Not Your Soul: Sell Your Skillz, Not Your Soul [Kindle Edition]

Chris Hurley , Johnny Long , Aaron W Bayles , Ed Brindley

Print List Price: £26.99
Kindle Price: £21.43 includes VAT* & free wireless delivery via Amazon Whispernet
You Save: £5.56 (21%)
* Unlike print books, digital books are subject to VAT.

Formats

Amazon Price New from Used from
Kindle Edition £21.43  
Paperback £22.56  
Kindle Daily Deal
Kindle Daily Deal: At least 60% off
Each day we unveil a new book deal at a specially discounted price--for that day only. Learn more about the Kindle Daily Deal or sign up for the Kindle Daily Deal Newsletter to receive free e-mail notifications about each day's deal.

Special Offers and Product Promotions

  • Purchase any Kindle Book sold by Amazon.co.uk and receive £1 credit to try out our Digital Music Store. Here's how (terms and conditions apply)

Product Description

Product Description

“InfoSec Career Hacking” starts out by describing the many, different InfoSec careers available including Security Engineer, Security Analyst, Penetration Tester, Auditor, Security Administrator, Programmer, and Security Program Manager. The particular skills required by each of these jobs will be described in detail, allowing the reader to identify the most appropriate career choice for them.

Next, the book describes how the reader can build his own test laboratory to further enhance his existing skills and begin to learn new skills and techniques. The authors also provide keen insight on how to develop the requisite soft skills to migrate form the hacker to corporate world.

* The InfoSec job market will experience explosive growth over the next five years, and many candidates for these positions will come from thriving, hacker communities

* Teaches these hackers how to build their own test networks to develop their skills to appeal to corporations and government agencies

* Provides specific instructions for developing time, management, and personal skills to build a successful InfoSec career

About the Author

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Product details

  • Format: Kindle Edition
  • File Size: 4679 KB
  • Print Length: 448 pages
  • Publisher: Syngress; 1 edition (2 Jun 2005)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B00CLC3TVM
  • Text-to-Speech: Enabled
  • X-Ray:
  •  Would you like to give feedback on images?


More About the Author

Discover books, learn about writers, and more.

Customer Reviews

There are no customer reviews yet on Amazon.co.uk.
5 star
4 star
3 star
2 star
1 star
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.1 out of 5 stars  10 reviews
10 of 10 people found the following review helpful
5.0 out of 5 stars An Overall Good Read... 25 May 2005
By Mark A. Cavey - Published on Amazon.com
Format:Paperback
I enjoyed reading this book and I kept thinking to myself, "I wished this book would have existed when I tried to break into Information Security/Information Assurance. So far I've had a pretty successful IA career and as I read each chapter of the book I realized that I basically followed almost all of the books suggestions, some by my own plans and some by accident.

This book is definitely authored by an all-star cast so I was excited to crack the seal. I liked the sections on employment opportunities and who's hiring. The brief IA overview was definitely necessary. I was also fond of the Laws of Security content. I've never thought about those laws and how true they really are.

When I get time my friend and I plan to use the Creating an Attack Lab content. It was a good collection of theory and tool descriptions.

Overall this book is a good read and even though I've been in the Information Assurance field for over 8 years now I plan to use it as a reference and to build me an attack lab ASAP.

All IA/Infosec newbies should read this....it could have saved me some stress when I was just a noob!

Mark Cavey, CISSP-ISSAP, IAM, IEM, CHS

Senior Computer Network Defense Engineer
8 of 8 people found the following review helpful
4.0 out of 5 stars Fascinating approach, could use more meat 15 July 2005
By Stephen Northcutt - Published on Amazon.com
Format:Paperback
I liked the book, I like the approach, but it falls short of what needs to be done to be a truly useful tool for job hunting. As I read it the burning question in my mind was, would What Color Is Your Parachute be a better tool? I actually pulled my two year old copy of Parachute off the shelf and it is a better tool.

Still the book deserves a flip through if you have a chance to pull it off your neighbor's shelf or check it out from a library. My favorite chapters were 3 and 4, if there is any chance you might be looking for a job, don't miss those.
6 of 6 people found the following review helpful
3.0 out of 5 stars More career advice than hacking advice 9 Aug 2005
By jose_monkey_org - Published on Amazon.com
Format:Paperback
Plenty of people are curious as to how to become an information security professional. It's a profession that has a bit of an establishment atmosphere to it where entry to various levels is granted in secret. And it's often hard to understand where to start. Infosec Career Hacking attempts to demystify this process and show you not only generic strategies for employment, but ones specific to the information security field.

The book focuses on career development, not on how to be a hacker or a professional hacker. It's full of some useful information about building a successful career, much of which applies to any technical field. It also focuses mostly on being in the infosec service business, not in product development or, to a large degree, operations. Keep that in mind when you think about buying it. While most of what you'll learn is generic technical career advice, some of it is focused.

The first part of the book is especially useful, and I think provides most of the value that's not available elsewhere. Things that are covered may seem like basics that people should have just picked up, but it's hard to know what you're supposed to know when you change environments, let alone see it all together in one place. I find this section to be especially useful and reasonably well written.

Chapter 1 opens up with a basic orientation of the infosec landscape, including the types of companies and organizations you may want to look at working with, the types of work and positions you see typically, and what kinds of skills you'll need to consider get the interview, let alone the job. Chapter 2 is much like a hacking book in that you're encouraged to perform some scout work on your potential places of employment. Good advice, and it's nice to see it demonstrated. Chapter 3 talks about getting experience and getting your feet wet in the infosec world. Things like conferences, local groups and meetings, and even security clearances are covered. A nice overview, but a it shallow in places, too. Chapter 4 focuses on the resume and the interview, the kinds of things that normally jump to mind when you think about career hacking. A decent overview, and good things to learn.

Part 2 focuses on technical parts. These chapters, I felt, were a bit thin on value and attempted to provide too much coverage but without the depth. What I felt this part of the book was trying to do was to be a quick overview of what you should know if you want a career in information security without any of the work it takes. Because this is such a broad amount of material, and the book only spends about 180 pages on it, the coverage isn't deep. Instead, the cursory coverage is a detriment to the book's value.

Chapter 5 is where I found the most material to complain about. This chapter is titled, 'The Laws of Security', and can be used for your benefit or your downfall. In the right hands, where the nuances that come from actually encountering these challenges in the wild and discovering the reasoning behind them, you can display wisdom. In the wrong hands, where you can't successfully defend a challenge to these axioms, at best you'll appear to be someone who parrots security luminaries, and at worst you'll look like an uninformed buffoon. If you decide to accept conclusions without understanding the reasoning behind them, you're asking for it.

Chapter 6 talks about building a home lab of machines for attack. I felt this chapter devoted too much time to drooling over gear and not enough time discussing more equipment and more valuable gear. Large classes of lab resources, including enterprise applications, networking gear, and even commercial security software was left out. The disclosure debate was reasonably well handled in chapter 7, discussing the various ways that people have established this process. What's missing here is how to actually find where to send the report to and how to ensure it's been acted upon. And finally, a nice, succinct and reasonably comprehensive (if a little too short at times) classification of vulnerabilities and attacks fills chapter 8.

Part 3, 'On the Job', is for when you finally have the position and now you want to keep your job, advance your career, and improve your skills. Unfortunately, this section feels a bit undeveloped in too many places. There's a lot to cover, but the chapters here lack any significant depth to them, and it doesn't feel like they really deliver as strongly as they could.

This section opens with an approach to your career much like an intruder would take to advancing their compromise. Chapter 9 covers how to perform scouting of your new environment, how to get through meetings without messing up, landing your own projects and succeeding with basic project management. Thinking about striking out on your own? That's natural, and the next few chapters will help with that. Chapter 10 is a short list of ideas on how you can use your new knowledge and skills to benefit others, which can help you build a name for yourself and maybe even clients. Chapter 11 looks like it's trying to encourage you to become a local leader of information security knowledge, using that information specifically for incident response. In a crisis, everyone loves a hero, so why can't that be you? And finally, the book closes with a chapter on how to start looking at being an independent consultant. It's been said that you'll never succeed working for someone else, so why not work for yourself? This chapter introduces you to some of the possibilities here, along with some of the considerations. Overall, these chapters have some clear value to them, but because they try and cover so much, they feel underdeveloped and fail to really deliver a strong benefit to the reader.

One of my big concerns when I began reading this book was that it would encourage you to simply become another script kiddy type consultant, capable of downloading a few tools and use old hat techniques to deliver sub-par results. That's a crowded marketplace already, so I didn't want to see anyone encourage that. Instead, it tries to impart valuable career skills. My big complaint is that it tries to do so much that it can't possibly succeed in all of them. It does a decent job, but in some places it definitely lacks the solid landing to make it stick. Overall, though, this uncommon book is a nice twist on the old career guides, tuned for the information security market.
6 of 6 people found the following review helpful
5.0 out of 5 stars A book that's been needed for a while 1 Sep 2005
By Kevin Beaver - Published on Amazon.com
Format:Paperback
Even though the content in this book sways from one end of the information security spectrum to the other reaching the point of identity crisis, I really like its approach. I speak on this topic quite often and I'm finding it's the one area of information security that has remained mostly untouched - yet desperately needed - in this hot field. There are several success-related topics missing, but overall this book is a good read for those looking to take their information security careers to the next level.
6 of 7 people found the following review helpful
5.0 out of 5 stars Information Security Careers 23 May 2005
By David S. Burris - Published on Amazon.com
Format:Paperback
Do you desire a job in Information Security? If so, "InfoSec Career Hacking, Sell Your Skillz, Not your Soul" is the information you have been seeking. It covers pertinent security laws, preparation you must complete prior to submitting an application, how to evaluate information security position listings, résumés, pros and cons of certifications, ethics, corporate culture, and presenting your skills in the best light throughout the interview process. The text was meant for individuals knowledgeable in information security or seeking to become knowledgeable. If you need a yardstick to measure your abilities against in security, encryption, client-server, IDS, firewalls, root kits, and building your own working lab to practice attack and defense, this book was meant for you.

David Burris, Ph.D., CCP
Were these reviews helpful?   Let us know

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
 

Search Customer Discussions
Search all Amazon discussions
   


Look for similar items by category