

Ask HN: How to get started in Computer Security? - krmboya

I've been in software development for a while now. News on HBGary, Anonymous, Wikileaks etc shows there's a lot going on in the Computer Security field. For those already in the field, are there some good online resources or books that you would recommend for one getting started, or particular skillsets one should have?
======
david_shaw
I generally look for people that have a background in either systems
administration or coding. Depending on what area of security interests you
(there's a lot of difference between malware analysis and, say, compliance pen
testing), different specialties may come in handy. For web application
testers, it makes sense to have some experience with web programming.

Although this certainly doesn't ring true everywhere, at my company we use
Linux and BSD almost exclusively for our tools. Although I would never reject
a candidate based on their distro of choice, being intimately familiar with
linux and command line tools is a must. You'd be surprised how many people are
confused by even simple tasks in other operating systems.

The most important thing you can do, however, is show that you're passionate
about the subject. Do security related projects, stay current on news in the
field, publish your work if you can. Attend conferences like DEFCON if you
can, and if not at least try to catch videos of some of the talks.

The field is growing and loves to find new, bright, interested talent. It's
hard to separate people with a real, keen interest in security and a
background to support it from the kids that try to bullshit their way through,
though. Be honest about your skillset, your interest level and your
background, and it will all fall into place.

------
broohaha
[http://www.amazon.com/Web-Application-Hackers-Handbook-
Disco...](http://www.amazon.com/Web-Application-Hackers-Handbook-
Discovering/dp/0470170778)

Awesome book covers EVERYTHING with practical instructions + a comprehensive
checklist.

------
krmboya
Thanks guys, guess i better get to work

