5 min read


AMA with Calum Boal

  • What is your advise for a person who is working in a blue team (SOC) to shift to Red teaming /Pentesting or cloud security. What skills/certs he need to work (pls provide your inputs on both scenarios)

    • Got a blog here which is the best answer i can give to this question

  • What should a Bachelor’s degree holder with a CEH do to get an entry level position in infosec industry ?

  • How to get a job as a security analyst/security engineer/pentester/red teamer before graduation? I mean how a college/university student can manage to join any organisation or company in any IT security role that I’ve mentioned above.

    • Dunno what the job landscape where you are is like, but probably by getting some respectable cert like OSCP. It’ll help companies see that you’re viable even though you’re not finished your course. Good rank on hackthebox may help too if you cant afford OSCP.

    • May be worth trying to get an internship as opposed to a full role as well as they typically expect students to be applying. Check the blog I wrote here for more info

  • Does a college degree in computer science or associated fields necessary for landing in a job in this field? does it give a upper edge in selection process? how much welcoming is the info-sec field in case of career for person with master’s degree in non technical field.

    • Would say you need some way to demonstrate your knowledge, so if you do bug bounty, highlight your profile and what bugs you’ve found etc. Certs don’t hurt, although wouldn’t bother with anything other than OSCP, at least in the UK anyway. HTB profiles can serve a similar purpose

  • Do you have a mentor or someone in the community who has inspired you?

  • I don’t have burpsuite pro version so how to find my first bug without burpsuite and which type of bug you prefer to find bug without use of burpsuite…?

    • most of the features of burp are in the free edition, there are a few helpful ones like intruder, search, and the ability to save projects in the pro version though. You can emulate intruder with python or ffuf, and you can use logger++ for history search

  • I see you have a day job . How do you find time for Bug Hunting and learning

    • I don’t do a lot of bug bounty. Sometimes I get spurs of motivation for it and do some hunting, but more often than not I get burned out if I spend all week doing testing and then doing testing in my free time. I like coding and music so tend to do more of that in my free time. Often I write automation stuff for bug bounty and hunt that way. More for just fun projects than bounties though, it’s cool to make stuff which can scan millions of assets for you.

      • What about learning new stuff

        • I learn quite a lot while working, but I also maintain lists of things I want to learn and work on and then set time aside to work on those things when I have the time.

  • What is your take on HR screening the resumes using certifications like OSCP ? There are many people who are skilled but cannot afford these certifications . Do you think the industry give so much value to the certifications than necessary ?

    • We don’t throw out resumes without these certs, we look at all resumes properly. However, having OSCP can highlight that a potential hire has at least a baseline level of knowledge. These are helpful for people trying to break into the industry, or grads

    • There are other ways to prove you have a baseline knowledge though, for.example, a good hackthebox rank and some blog posts. It depends on the company as well at the end of the day, as some companies have the capacity to train new hires whereas others need people ready to work

    • So yeah, in some places where they won’t hire without certain certs they are definitely given too much weight, but if just used to give an employer an idea of what you know they certainly have their place. OSCP isn’t perfect, although the new updates are good

  • According to you is there a certification that stands out from others ?

    • I’d say, in the UK anyway, that OSCP is probably the only one worth your money. Portswiggers web security academy is great for web apps though, and free

  • How do you conduct an interview for a junior position ? What all skills do you look for ? Do you give more importance for the basics like for eg:- if the candidate knows TCP/IP OSI models , how http works OR you look for real practical skills ?

    • We look for both. We ask questions around key background areas for both web app and infrastructure testing, and then questions around security and practical aspects. Nothing too out there, just trying to gauge to what degree people know topics. Often open ended questions.

    • If you have the textbook stuff down that’s great, often our questions can go beyond that into newer techniques and research but it’s generally to gauge how much someone knows as opposed to being required that they can give the perfect, complete answer.

    • Stuff like explain ssrf, it’s impact, and how that impact can differ depending on the environment the vulnerable host is located in. Or explain Kerberos and subsequently why attacks such as kerberoasting are possible.

  • how you guide me foe oscp. What should i do to test my skills and get closer to oscp. I wanna complete my oscp in next 6 months.