April 3, 2018
Make a Pentester's Salary - Here's Where to Start
The Ethical Hacking Salary: What’s a Good Starting Point?

Cybersecurity is the fastest-growing subset of IT as organizations look for ways to shore up network defense and reduce the risk of a large-scale data breach. As noted by Forbes, U.S. companies are looking to fill more than 200,000 infosec positions but simply can’t find the personnel — and this cybersecurity skills gap is predicted to widen over the next five years.

The result? It’s a great time for IT pros interested in cybersecurity to make the jump, and one particularly in-demand area is ethical hacking. But what can you expect as an ethical hacker? What are your job responsibilities? What qualifications are required? And what’s a good starting point for an ethical hacking salary?

Wearing the White Hat — What Do Ethical Hackers Do?

Ethical hackers are often called “white hat”, meaning they use their training and talents to benefit businesses rather than attempting to illegally breach or infiltrate systems. “Black hat” hackers are at the other end of the spectrum: the “bad guys” motivated by greed or politics. “Grey hat” hackers fall in the middle — mostly operating within the law but occasionally breaking the rules.

According to IT Pro, ethical hackers are often motivated by curiosity: they want to know how network systems work, discover ways these systems can be fooled or made to fail, and create better defenses that are more resistant to hacker efforts. In terms of day-to-day job responsibilities, ethical hackers perform multiple duties, such as:
- Penetration Testing — With the approval of managers, ethical hackers attempt to penetrate networks and discover weak points in existing IT security. This helps reduce the chance of hackers finding the same exploit and provides a framework for businesses to improve overall defense.
- Application Hacking and Hardening — Ethical hackers look for ways to “break” mobile and web applications in development. This ensures apps don’t go live with critical flaws; instead, they’re sent back to devops for revision and further testing. In addition, ethical hackers find ways to “harden” applications, such as preventing users from inputting custom SQL queries or injecting code into corporate web applications.
- Security Strategy Development — Using their knowledge of current (and emerging) attack vectors, ethical hackers develop long-term business strategies that help predict potential avenues of attack and stop malicious actors before they access critical systems.
- Certified Ethical Hacker (CEH) — The oldest and most well-known certification, CEH testing runs around $1000. Best bet? Get ready for CEH with ethical hacking prep courses; gain the knowledge and skills you need to confidently challenge the exam.
- SANS GIAC Penetration Tester (GPEN) — The SANS Institute offering runs $6000 for the course and $1700 per exam attempt. The course covers practical penetration testing skills that ethical hackers use on a day-to-day basis.
- Case in point: This is why Cybrary was founded, to help provide barrierless entry into the field of cyber security so that no one has to pay a ridiculous amount of money to learn.
- The Offensive Security Certified Professional (OSCP) — With a focus on offensive compromise — the exam requires students to compromise multiple virtual operating systems within 24 hours and document their process — the OSCP has gained a reputation for both high difficulty and high value. Costs run around $800 per course and students must have a solid working knowledge of Kali Linux.
- https://www.forbes.com/sites/jeffkauflin/2017/03/16/the-fast-growing-job-with-a-huge-skills-gap-cyber-security/#7de316fe5163
- https://www.itpro.co.uk/hacking/30282/what-is-ethical-hacking-white-hat-hackers-explained
- https://www.pcmag.com/feature/354224/7-huge-bug-bounty-payouts/2
- http://resources.infosecinstitute.com/certified-ethical-hacker-salary/#gref