Notes inspired by this page.

• Large Enterprises: Usually Fortune 1000 companies

• Federal Sector (DoD): NSA, DISA, CIA, etc.

• Federal Sector (non-DoD): FDA, DoE, DoJ, etc.

• Big consulting, non-specialized: Usually personnel that work on a lot of different things (E&Y, Crowe Horwath, Deloitte)

• Big consulting, specialized: Usually personnel who work on specific teams (NCC Group, IOActive, Optiv)

• Small consulting: Usually specialized by virtue of their size. Dozens of companies; check out AMA #1 and #2 for some of the best in the US. More likely red-team/pen-testing rather than defense.

• Security Software Product/SaaS: Attack-driven turnkey solutions to combat APT and improve your ROI to reduce the threat landscape in the cloud *barf* (FireEye, Tenable, HP Enterprise Security, etc.)


Most common enterprise roles

• CISO/CSO

• Team Managers

• AppSec SDLC

• App Security Architect

• Assessments: Code audits, app pen-tests, full-scope pen-tests, network pen-tests, WLAN, etc.

• Compliance

• Forensics

• Server/Endpoint security engineer

• Incident Handler

• Network Security Engineer/Architect

• Policy

• Fraud Team (E-Commerce)

• Researcher

• Reverse Engineer


Most common consulting roles

• Service delivery consultant (junior/senior/manager)

• Customer relationship managers/account managers

• Sales/new biz development

• Non-delivery roles (PM, tech reviewers, schedulers, etc.)

• Marketing security research


How to learn web application security... do these things well:

1.      Know everything in these books backwards and forwards: http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470 [1] and http://www.amazon.com/The-Tangled-Web-Securing-Applications/dp/1593273886 [2]

2.      Know all the major points of HTTP. Read the O'Reilly HTTP book, [3] or get crazy and read the HTTP 1.1 RFC [4] (highly recommended)

3.      Know burp suite, backwards and forwards...know every feature and find a way to try the feature out.

4.      Write up vuln webapps in different languages (Ruby/Node.JS/Python/PHP); get to the point where you can write a small twitter clone in a couple of languages ("small" means around six views & six models)

5.      Read up on and practice source auditing: https://trailofbits.github.io/ctf/vulnerabilities/source.html [5]. Find some random web apps on github (search for urls.py or whatever the common framework files are for your web framework) and find every vuln in them.

6.      Read and understand expert write-ups explaining their exploits and bug bounty findings: http://sakurity.com/blog [6], https://blog.bugcrowd.com/ [7], https://fin1te.net/ [8], etc.

7.      Hack some "hack me" apps: https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project [9] and https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project