Interview with CyberSecurity Talent: Ethan



1) A bit about yourself
Everyone call me Ethan. I am just one of the Cyber Security Enthusiastics like others.


2) What made you become obsessed with CyberSecurity?

I have been interesting in Cyber Security (Defensive) since I was young. I only interested how to secure my systems and network even when everyone was talking about the programming. My interest was getting stronger when I found out what I could do with the registry in Windows XP. I still remember that I was having fun to use bootable CD and reset the admin password and other students' passwords when I was in Systems Engineer class.

Unfortunately, I  couldn't have a chance to pursue my interest a lot as resources were not be found as easily as they are right now back in 2005-2008.

3) Please share how you achieved OSCP certification / any recent certification if any.

If you are looking for an inspiration story, you won’t find it here because I just don’t have it. But if you are looking why did I take an exam and decided to become an OffSec Certified Professional, keep reading.

It was a funny story how did I become an Offensive Security Certified Professional. I didn't have a plan to go for an offensive side as I was more into defensive at first. The reason I switched side is that I just tired of those people who identified themselves as hackers and how great they are at hacking.

I myself is a doer, not a talker (I never like big-mouths). Therefore, I was searching the best certificate in the industry and goes for it. After several hrs, this sentence, "Created by the founders of Kali Linux", did catch my eyes. I thought maybe this certificate can shut the hell off talkers' mouths. (at least in front of me)

Then, I was reading feedbacks about this certificate and I saw that people described this certificate as a real deal compare to other certs such as CISSP, SANS, CEH, etc. There is only way to find out whether it's a truth or not ...  you go for it.

You can pass the exam if you pay enough attention and a little research/google. I am not saying that OSCP exam can be passed easily either since I also did put a lot of energy into it.

This is where my full-time penetration testing career has started and I was really enjoyed it. After couple years later, I was bored what I was doing. I was bored because I wanted more, I wanted to get the full chain of the systems whenever I am testing. In order to do that, I need to understand more and up-to-date with the defensive controls. This is why I am working as a Threat Hunter in one of the best Blue Team in Singapore.

4) How do you foresee yourself in next couple of years?

I will become a better Penetration Tester/Red Teamer who can avoid/evade most of the defensive controls.

5) What do you like to tell about anyone pursuing cybersecurity?

I worked as a Systems Engineer and Network Engineer like most of people in Myanmar. I am really bad at coding. I am lazy. I have no passion like Ko Aung Khant, Ko Ye Yint, Kyaw Thiha and Kaung Htet. It is highly likely that you don't even heard my name before.

Even I can do it, there is no way you cannot do it. Give yourself a shot. Put your energy in it. Do not waste your life by doing what others have already done. Do something different, something better. This is an era of Cyber Security. So, Buckle up! Pass your exam, get your axx out of there and face the real enterprise in here. We always need a talented people like you.

Following are the certifications I've achieved so far.

OSCP, OSWP, CERT CPSA, CERT CRT-Pen, VCP6-DCV, LPIC Sys Admin, MCITP (2010), CCNA (2010), MTCNA, MTCUME,  CIW v5 Associate.

6) Please share how someone can follow you.

Stop using social network. Be a professional and add me on LinkedIn, via the url mentioned below, if you wish.
http://linkedin.com/in/ethan26k

Focus on your study.  Never limit yourself over the words of random people.

Popular posts from this blog

Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution

SSL Breacher - Yet Another SSL Test Tool

OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities (CVE-2012-0872)