One of the common complaints I hear about application security professionals is that the supply of these engineers is not meeting the demand. As sensitive data breaches are becoming more common, the need for a skilled and experienced security team has never been higher, but the path to gain those skills and experience is not defined well. But there are some skills needed by security pros that are often overlooked. The video below, which was presented at the CONASIN conference in December 2014, describes my path into application security and the skills that I use daily as a senior application security instructor for Security Innovation. We may be known for our technological wizardry, but security isn’t just about finding SQL Injection vulnerabilities and compromising databases.
