So You Want to Be a Security Researcher?
Here is how its done!
So you want to be a security researcher?
Security researchers need a broad set of skills to investigate a constantly-changing threat landscape.
But if you broaden your spectrum you may end up being a jack of all trades.
Therefore specializing in areas such as reverse engineering or data pipe forensics will boost opportunities for you.
They use that information to track adversaries and groups by the attack methods they have deployed.
One side of research is academics.
Go to a university, study, study more, do a PhD, and voila!
you are a researcher.
The other way is to start by the field work.
You will then be able to rely on that experience to catch on the theory which you initially neglected.
Either way, the two key ingredients arespending timeandlearning theory, not necessarily in that order.
Learn everything about this topic, and if you explore this topic far enough will find something new.
A CVE on your resume will work wonders during a job interview.
In the security industry right now web applications are king, closely followed by mobile applications.
Master theowasp top 10,hack DVWAandhunt for bugs in open source web applications.
Write exploits for these flaws, report them to the developer and obtain a CVE number.
Search for breadcrumbs left by cyber criminals.
Once you understand the execution part, you are more closer to being a security researcher than you think.
Remember, a life of a security researcher is hard.
Sometimes they are arrested by police even forreporting flawsorexposing leaksin public.
It also helps to study a particular hacker like the member ofHacking Team who published his exploits online.
source: www.techworm.net
