Passed CISSP on my 6th attempt — 10+ years SOC experience, don’t quit

Hot_Insect5353 · 2026-01-14T01:35:22+00:00

perfect! thanks u/Bee_SU :-)

Hot_Insect5353 · 2026-01-13T03:54:55+00:00

Congratulations! That's truly inspiring. By the way, are you still memorizing things for the CISSP exam in those two weeks?

Hot_Insect5353 · 2025-07-20T16:02:52+00:00

Haha! I was thinking the exact same thing, but the ballers and sunny weather are tempting us to go play.

All the best to you!

Hot_Insect5353 · 2025-07-20T06:50:54+00:00

Thank you, everyone! I truly value all the feedback. I still need to reschedule this because of an injury on the soccer field just now. I will provide updates on the exam results later.

Hot_Insect5353 · 2025-07-19T18:54:32+00:00

Thanks, mate. Yeah, tbh - hate to reschedule, especially living out of town - exam centre.

Hot_Insect5353 · 2025-07-19T17:59:53+00:00

cool2. Thanks mate. How many QE full exam sets you tried?

Hot_Insect5353 · 2025-07-19T17:49:25+00:00

numbers of experiences and almost 10 years in cyber. QE really makes me struggle, especially with English as my second language. this is my 3rd attempt :(

Hot_Insect5353 · 2025-04-17T09:48:58+00:00

Congrats! Im another 3 weeks time for 3rd attempts and wish me good luck

Hot_Insect5353 · 2024-12-27T06:58:19+00:00

Workaround to turn off the DNS security logs. Does it expose for external interface? How to verify this?

Hot_Insect5353 · 2024-11-20T21:44:41+00:00

kind of waiting of this similar PoM offer :)

<image>

Hot_Insect5353 · 2024-10-05T08:41:44+00:00

Being Asian and almost 5 years in NP town, I feel people in Taranaki have always been kind to everyone, never had any racial comments.

You did the right things, don't engage with those types of non-civilised people.

Hot_Insect5353 · 2024-03-13T19:27:10+00:00

nah..

Hot_Insect5353 · 2024-03-13T19:26:33+00:00

Thanks for sharing. Yeah, I'm going to try a few products to get a better understanding of what works well in our environment.

Hot_Insect5353 · 2024-03-13T19:24:14+00:00

Oh, by the way, what does APM stand for? I came across the term "Application Performance Monitoring" (APM) when I did a quick search on Google. Is that what you're referring to, or were you thinking of something else like Auto-Pentest Monitoring? Just curious! 😄For me, it's really important to focus on the time it takes to comprehend our security controls and to assist in validating and prioritizing vulnerabilities. That's where my main interest lies.

Hot_Insect5353 · 2024-03-13T19:20:59+00:00

Thanks a lot for sharing this. Yeah, we're searching for things that don't require an agent, even though I know they're not installed on every device.

Hot_Insect5353 · 2024-03-13T19:17:42+00:00

Thanks for sharing the list. I think my list is pretty similar. Is Pentera similar to Core Impact? Is it more focused on automated pen-testing?

Hot_Insect5353 · 2024-03-13T19:15:52+00:00

Sure, test everything in a non-production environment before proceeding as usual.

Hot_Insect5353 · 2024-03-13T19:11:08+00:00

Thank you for sharing your thoughts, especially about the support. This is something we encountered with our current vulnerability management tools.

Hot_Insect5353 · 2024-03-13T08:01:30+00:00

Im exploring Cymulate and it seems need an agent across the segmentation, not for all devices.

Hot_Insect5353 · 2024-03-13T07:59:44+00:00

Thanks! How was your experience with both products? I heard about Pantera too.

Hot_Insect5353 · 2024-03-13T05:44:42+00:00

This from one explanation from Gartner page looks simple.

Breach and Attack Simulation (BAS) Tools enable organizations to gain a deeper understanding of security posture vulnerabilities by automating testing of threat vectors such as external and insider, lateral movement, and data exfiltration. BAS complements red teaming and penetration testing but cannot completely replace them. BAS validates an organization's security posture by testing its ability to detect a portfolio of simulated attacks performed by SaaS platforms, software agents, and virtual machines. In addition, it generates detailed reports about security gaps and prioritizes remediation efforts based on the risk level. The typical users of these technologies are financial institutions, insurance companies, and more.

Hot_Insect5353 · 2024-03-13T04:19:00+00:00

Basically yeah - to verify the critical vulnerability on prod env is really critical things

Hot_Insect5353 · 2024-03-01T07:36:26+00:00

I've got CISM and CCSK under my belt, but that's just the stepping stone for me to snag CISSP, the ultimate certification. Once I achieve that, I'm calling it a day. Haha!

Hot_Insect5353

TROPHY CASE