About The Guest:
Jason Downey is a pen tester at Red Siege, a boutique pen testing firm. He has been in the industry for almost three years and specializes in network pen testing, social engineering, and physical assessments. Jason has a background in network administration and security, and he is passionate about sharing his knowledge and helping others in the industry.
Summary:
Jason Downey, a pen tester at Red Siege, joins the podcast to discuss his journey into the world of pen testing and the importance of networking and building relationships in the industry. He emphasizes the need for a strong foundation in networking fundamentals and active directory knowledge. Jason also shares his favorite resources for learning infrastructure pen testing and highlights the collaborative nature of the industry.
Key Takeaways:
- Building a strong network is crucial in the information security industry and can open up opportunities for job prospects and knowledge sharing.
- Networking fundamentals and active directory knowledge are essential for successful pen testing, as most corporate infrastructures rely on these technologies.
- Specializing in a specific area of pen testing can be beneficial once you have a solid foundation and understanding of the fundamentals.
- Online resources such as Google, Hacktricks XYZ, and ired team can provide valuable information and guidance for learning infrastructure pen testing.
Quotes:
- "The power of your network is crucial in the information security industry. It can help you bypass the traditional education, experience, and certification requirements." - Jason Downey
- "To break something, you have to know how it functions first. Understanding the fundamentals is key to successful pen testing." - Jason Downey
- "Active directory knowledge is mission critical in pen testing, as most companies rely on it for their infrastructure." - Jason Downey
Socials and Resources:
https://twitter.com/hackandbackpack
