I would like to start making money in cyber security industry on my own name (freelancing / my own business). Currently, I work for big international company (~100k people) as a penetration tester, but I would like to work for myself.
I have skills (and proveable experience) in the field, so I would like to do something like ethical hacking contracts and such services.
My question is, how do I get contacts? How do I prove people that they need me, and should pay me to test their networks? It's not like I can "hack in" out of blue and then tell them that their network is not secure.
>>1384061
bump, since I am completely out of ideas
>>1384061
My idea was to do tests for free, and companies would pay me only if I would be able to breach them. But that doesn't resolves my problem - lack of contact in such companies.
Bug bounties
>>1384061
>penetration tester
sounds like my kind of industry
in all seriousness, you gotta start at the bottom. Just put together a website and portfolio of your work in the industry and advertise yourself to companies and whatnot.
Honestly, Fiverr may even open doors for you
>>1384061
op why don't you go blackhat? just a curious question.
>>1384749
>Why don't you do illegal things and live a life of crime
Good question, really smart
>>1384061
Give the client high level findings for free; sell remediation coupled with the results as follow on; settle for selling just the detailed results and interpretation thereof and industry comparison if asked; name drop relevant regulations to the perspective; speak confidently
Ok, so what is the first step in Pen Testing?
Recon......
Use the skills you have developed to recon a company to identify senior directors and IT managers.
You will have to make contact with them and 'sell' them. This can be achieved by phone or email.
I have an MSc in Comp Sec and just started the CEH course. I want to start a company myself and have a few reasonable ideas to explore. But i'm fully aware that i will have to get on the phone at some point and make things happen.
If you see this OP, I don't know where you are in the world, but i'm always looking to make new contacts in the industry. A web pen test for example can be done from anywhere.
If you see this message and want to connect, post up an email address and i will contact you.
>>1384061
Freelance cyber security means you give up the secrets of the company network protocols to the highest bidder. Plus you'll make more money either as a blackhat or grey. Banks and I mean big banks have been extorted of tens of millions of dollars through hacks by blackhats.