Home page logo

basics logo Security Basics mailing list archives

Re: Starting up as a security consultant
From: Matt - MRS Security <matt () mrssecurity com>
Date: Thu, 06 Nov 2008 20:33:43 +0000

Nick Owen wrote:
Idowu Odigie wrote:
Hi All!

I will like to start up as a security consultant.  Be on my own.  I
have "played" (work) with linux for about 5 years now.  I have
installed, upgraded kernels, setup network, "played" with IPtables,
done some pentesting with a box, gained entrance into other systems
from the box, wrote some scripts with perl and python.

But I feel there is need for a formal training or framework for me to
base my security consultancy on.  Any Ideas please!

I would recommend taking a different approach to starting a business.
Instead of asking the question of what training you should get that you
can base your business on, ask what you security challenges you should
base your business on and what certificate would support that effort.

A good market will make starting out on your own much easier.  For
example, many small businesses are moving away from managing their own
mail server and going to Google Apps or similar services.  This creates
different security implications and is a potential opportunity. PCI
compliance is another potential market.  "What certs help a consultant
get PCI work?" might be a better way to frame your thoughts.

Just .02 from the entrepreneurial side...


As the world slowly falls apart economically companies will slowly reduce service that they buy including penetration testing. However, as PCI is a regulatory requirement it wont be part of the cost cutting exercise.. Just reduced to some degree.. But that is dependent on the PCI QSA and the acquirer/card brand...

Couple of hints there : )

My 0.02p

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]