How do I get pentesting and appsec clients?
This is yet another question that I’m being asked often. I'm gonna cut straight to the chase. I am not a big fan of conventional hiring, HR interviews, and job tests. Unless I'm on the other side, the hiring side.
I'm not into freelancing either, such as getting a project here and there, without a solid relationship with the people and companies you are working with. I’m more into developing strong, long-lasting business relationships. I'm also an entrepreneur, whereas I fail and I failed to build multiple streams of income.
Now that you know my approach, let me also tell you how I get clients. Of course, I'm not going to fully disclose or give you all the details because this is an in-house secret. And I'm not gonna pretend to do so either.
The underlying idea is basically really. And if you’re a smart person, you will fill in the blanks without having me put all my cards on the table. After all, this is a free online video...
It's all about the connections you make and the people you know. Of course, you need to bring to the table some solid technical skills and expertise. So how do you connect with the right people?
Well, that's not the first question you need to ask. The first question actually is, how do I showcase my skills? And one good answer is:
build a blog and post your write-ups
build a YouTube channel around your skills
participate in hands-on cybersecurity platforms and rank on the leaderboards
tweet with added value so that others can benefit
build a GitHub portfolio with your scripts
put all that onto your resume
Obviously, you need to take off your hoodie and show yourself and your skills. And this dispels the myth of the unknown hacker from the basement, which of course nobody knows of. That might have been cool in the past...
You’ve done all that. Now, what about the clients?
Again, you won’t go through conventional hiring. You don't want to be one of the thirsty hundreds who apply for jobs and accept low pay as a compromise.
You are a hacker, so act like one. You will be adding value in Discord conversations, Twitter feeds, as well as LinkedIn posts. You will contribute to open projects and causes for the good of all of us.
While you're doing this, you are identifying key people who could facilitate a business relationship, a pentest contract, or an appsec project, and you start naturally interacting with them. More often than not, opportunities are going to present themselves sooner rather than later.
But don't just go and spam people and act needy like a dog for a bone. That's very unprofessional and it puts people off.
I've told you more than enough. Now go away!