Notes inspired by this page.

       Large Enterprises: Usually Fortune 1000 companies

       Federal Sector (DoD): NSA, DISA, CIA, etc.

       Federal Sector (non-DoD): FDA, DoE, DoJ, etc.

       Big consulting non-specialized: Usually personnel that work on a lot of different things (E&Y, Crowe Horwath, Deloitte)

       Big consulting specialized: Usually personnel who work on specific teams (NCC Group, IOActive, Optiv)

       Small consulting: Usually specialized by virtue of their size. Dozens of companies; check out AMA #1 and #2 for some of the best in the US. More likely red-team/pen-testing rather than defense.

       Security Software Product/SaaS: Attack driven turnkey solutions to combat APT and improve your ROI to reduce the threat landscape in the cloud *barf* (FireEye, Tenable, HP Enterprise Security, etc.)


Most common enterprise roles


       Team Managers

       AppSec SDLC

       App Security Architect

       Assessments: Code audits, app pen-tests, full-scope pen-tests, network pen-tests, WLAN, etc.

       Server/Endpoint security engineer

       Incident Handler

       Network Security Engineer/Architect

       Fraud Team (E-Commerce)

       Reverse Engineer

Most common consulting roles

       Service delivery consultant (junior/senior/manager)

       Customer relationship managers/account managers

       Sales/new biz development

       Non-delivery roles (PM, tech reviewers, schedulers, etc.)

       Marketing security research


How to learn web application security well:

1.      Know everything in these books backwards and forwards:[1][2]

2.      Know all the major points of HTTP. Read the O'Reilly HTTP book,[3] or get crazy and read the HTTP 1.1 RFC[4] (highly recommended).

3.      Know Burp Suite backwards and forwards: know every feature and find a way to try each one out.

4.      Write vulnerable web apps in different languages (Ruby/Node.js/Python/PHP); get to the point where you can write a small Twitter clone in a couple of languages ("small" means around six views and six models).

5.      Read up on and practice source auditing;[5] find some random web apps on GitHub (search for whatever common web-app framework files) and find every vuln in them.

6.      Read and understand expert write-ups explaining their exploits and bug bounty findings:[6][7][8], etc.

7.      Hack some "hack me" apps.[9]