FuzzyBoba
FuzzyBoba

How can a penetration tester at service based company can shift to product based comapny

Hi I am working in one of the service based company for 2 years now. My regular tasks include Web,api and Android penetration testing. But I want to improve my skills and also want to get into some product based company. I am trying out from tryhackme for now. But I need more suggestions on road map and also could you please share you interview experience at product based companies for pentesters

8mo ago
ZippyPretzel
ZippyPretzel

I was in security industry before I came to an engineering role before I came to a product based company. Product security is a different beast when compared to traditional service in security, product differs in a few ways. When you’re in product based role your threat modeling and analysis needs to be done by you. Apart from this product security testing needs a system level understanding that you’ll get when you end up engineering some products. Some skills that might help you go a long way in this industry is threat modeling and analysis, cross layer understanding of OSI, elinux and Linux internals, fuzzing, a little bit of programming (few things off of my head). Even for a tradition “pipe hitter” roles in security if you have these skills it’ll be helpful for you.

FluffyQuokka
FluffyQuokka
EY8mo

Following

ZippyPretzel
ZippyPretzel

Following what mate?

Discover more
Curated from across
Product Managers
by CosmicBurritoKPMG

cyber product manager

Need some advice on how to transition to a cybersecurity product based company.

I've got 6 years of experience in cybersecurity. Currently an EM with a Big 4. I wanted to move into the product based companies. Preferably somewhere along...

Software Engineers
by PerkyMochiSecurity Engineer

From Security Testing to SDE - Career Suggestion

Hi Folks,

I am a penetration tester having 7 years of experience. Though I am doing pretty well in my current role, I am not feeling the impact it creates. Security is seen as a support function and does not bring real value other than ...