
How can a penetration tester at service based company can shift to product based comapny
Hi I am working in one of the service based company for 2 years now. My regular tasks include Web,api and Android penetration testing. But I want to improve my skills and also want to get into some product based company. I am trying out from tryhackme for now. But I need more suggestions on road map and also could you please share you interview experience at product based companies for pentesters
Talking product sense with Ridhi
9 min AI interview5 questions
I was in security industry before I came to an engineering role before I came to a product based company. Product security is a different beast when compared to traditional service in security, product differs in a few ways. When you’re in product based role your threat modeling and analysis needs to be done by you. Apart from this product security testing needs a system level understanding that you’ll get when you end up engineering some products. Some skills that might help you go a long way in this industry is threat modeling and analysis, cross layer understanding of OSI, elinux and Linux internals, fuzzing, a little bit of programming (few things off of my head). Even for a tradition “pipe hitter” roles in security if you have these skills it’ll be helpful for you.