Scope of System/Network Security Pentest

Jul 8, 2021 14 Comments

A friend of mine works as a security pentester and got multiple calls for web app and application PE testing.

Aren’t there any more network/system-related security positions or scope?

#security

TOP 14 Comments
  • Plaid
    fintecht

    “X as a service” is growing these days. Infra / network is involved, however, once the base platform is built, it doesn’t undergo many changes as compared to the app itself. Developers are shipping application code multiple times a day. Hence, you’ll see more roles for AppSec / ProdSec.
    Jul 8, 2021 7
  • Apple / Eng
    l🍿l🍿l

    Of course there are, but app security is gaining more popularity due to how it’s the entry point into most services.

    There are still roles for infra pen testing. Generally, it would be nice if you know both.
    Jul 8, 2021 4
    • Apple / Eng
      l🍿l🍿l

      I think most companies wouldn’t. But for some they do. They probably expect you to be able to write scripts for the pentests. I’d expect LC easy and some non-LC scripting stuff.
      Jul 8, 2021
    • OP
      I too have heard that they at least ask basic scripting questions, just wanted to double check if it's the case everywhere or only FAANG. Thanks for the input
      Jul 8, 2021
  • Plaid / Eng
    newguy2021

    A ton of infra pen testing is automated now due to companies switching to managed "x as a service" infra.

    Still, I'd say about a third of "appsec/prodsec" is threat modeling, which commonly covers a lot of infra if you are doing it right.

    Added to that is that many orgs require yearly pen tests for compliance and the code is changing much more often than the systems, and it just makes sense for appsec pen tests to take the front seat.
    Jul 8, 2021 0