A measured response to be sure. Thanks for writing it up. I'm definitely not the one who's going to tell you for sure what CloudFlare should or should not do in this case or any other cases. It's a tricky business to be in in terms of making those decisions. That said, I do think there is a line to be drawn SOMEWHERE, and because of this they would eventually need to deplatform something. If that signals to the regimes of the world that Cloudflare can be influenced than so be it, but to me (and I think a lot of the people who were going after Cloudflare during this time), Nazi's (and those sites you mentioned, e.g. Kiwi Farms) are easy to draw lines for. Good thing I'm just a dude on Lemmy and not a high powered CF exec hah!
AWS has their own first-party certs if you want something vendor-specific (I’m sure Google and Msft have similar). ISC^2 has something too https://www.isc2.org/certifications/ccsp
Yeah that's definitely how I approached my site to begin with. A. a place for me to write about stuff I personally want to remember and go back and look at. and B. a place where I could share information I have that I repeatedly tell others. Over time though, I found that people did indeed like to read what I had to say and found it useful. This is always a bit shocking for people who write, it's a great feeling to know others read your stuff haha. I think I'm an OK writer but I certainly have a unique-ish style. The world needs more indie writers with unique voices and styles. Too much of the Internet has become SEO farming trash and AI generated nonsense. Us "real", authentic humans have to take it back.
Why not both? I love my site and always work to make it unique. But I also like to write and have “useful” content. Check this out to find more cool things on the IndieWeb https://shellsharks.com/indieweb#explore-the-indieweb
Pure appsec certs off the top of my head… OSWE, GIAC GWAPT (and others from SANS), Portswiggers Burp Suite cert, OffSec also has a 200-level appsec cert. I’m sure there are other popular ones too.
Yeah infosec is pretty huge. Do you have an idea more specifically of what you want to do? Like what type of role are you looking for or skills would you like to have?
Hard to give you a definitive answer on this one. I'd say you'd be hard-pressed right now to pull that off without a direct referral or other networked way-in. Job market is condensing, lots of (experienced) out-of-work folks looking for new roles, etc... If you aren't already in infosec, or you're not a full-time dev with some security knowledge, it will be tough. Your best bet (roughly) on things to add to your skills/portfolio would be...
Proficiency with one or more languages that your target role company uses (and evidence of this XP)
In-depth knowledge of OWASP "stuff" (Top 10, ASVS, etc...)
Practical XP with attacks/exploits (via experience, CTFs, trainings, Web Security Academy, etc...)
shellsharks @ shellsharks @infosec.pub Posts 292Comments 266Joined 3 yr. ago
A measured response to be sure. Thanks for writing it up. I'm definitely not the one who's going to tell you for sure what CloudFlare should or should not do in this case or any other cases. It's a tricky business to be in in terms of making those decisions. That said, I do think there is a line to be drawn SOMEWHERE, and because of this they would eventually need to deplatform something. If that signals to the regimes of the world that Cloudflare can be influenced than so be it, but to me (and I think a lot of the people who were going after Cloudflare during this time), Nazi's (and those sites you mentioned, e.g. Kiwi Farms) are easy to draw lines for. Good thing I'm just a dude on Lemmy and not a high powered CF exec hah!