Podcast recap: Fuzzing, security testing and tips for a career in AppSec


In this episode of Infosec’s Cyber Work Podcast, host Chris Sienko welcomes back previous guest Dr. Jared DeMott. In the previous episode, the topic was all things IoT security. This episode covered more of Dr. DeMott’s skills, delving specifically into fuzzing, dynamic analysis, security testing and AppSec tools and concluding with some tips about how you can enter this same field yourself. 

A few words about guest Dr. Jared DeMott

Dr. Jared DeMott is the CEO and founder of VDA Labs and an accomplished author. He regularly speaks about vulnerabilities at conferences such as DerbyCon, RSA, Black Hat, ERCon, TourCon and HITB and has been on three winning Capture the Flag Teams at DevCon. Jared previously served as a vulnerability analyst with the NSA, and he holds a Ph.D. from Michigan State University.

The appeal of AppSec

In life, you have to expect some unexpected surprises. While always somewhat interested in technology and engineering as a kid, Jared thought he’d maybe go into the Air Force Academy. His parents weren’t confident of this choice, preferring his second choice of going to college instead.

Like many, DeMott was set to work at a big company doing Unix IT admin stuff, a common and quite lucrative career. At the last moment, he got a call from an organization he never heard of. They said, “We’re the NSA. You should fly to Baltimore and we’re going to give you an interview.” DeMott thought, “Hmm, what do you guys do?” and they said, “Well, just talk about it when you get here.”

Jared entered the field early and was able to leverage that. With the blessings of the people he met and the skills he gained, he was able to earn a master’s degree, write a book (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: