I have been thinking about this issue for a long time. According to my own experience and discussions with friends, I have come to some conclusions. Network security
This concept is too broad, so I will use the security service/infiltration post as the object of comparison. You can refer to:
programmer:
advantage:
1. The salary is very high. This year, the school recruits large companies generally 24K*15
2. There are many jobs, no matter whether it is a big city or a small city, there are jobs everywhere
3. Greater sense of accomplishment during study
4. Abundant learning resources, many websites have complete tutorials (such as station B
There are many well-established tutorials)
shortcoming:
1. The 35-year-old laid-off rumored on the Internet
2. Serious overtime work, daily 996, or even PDD
3. The pressure of competition is high, and dozens of people apply for a position, which is highly replaceable
4. Gradually attach importance to academic qualifications, and now the threshold for major factories is basically a book or 211 to start
Penetration/Secret Service:
advantage:
1. Compared with programmers, it is easier and less overtime
2. The content of work is more "cool" than that of programmers, and they say that they are white hats
3. The pressure of employment is relatively small, and the pressure of competition is small
4. I don’t pay much attention to academic qualifications. As long as the technology is strong enough, a junior college can get more salary than a master’s degree
5. Mining bugs and submitting SRC can make a small amount of money
6. Compared with programmers, they rely more on experience and experience to make a living, which means that they may become more popular as they get older
shortcoming:
1. The salary is much lower than that of programmers under the same level of effort, talent is more important than diligence
2. The tutorials are incomplete, and it is difficult to find free and reliable ones
3. It is difficult to have a sense of accomplishment during the boring period of study
4. The employment threshold is higher, and it cannot be learned in a few months
Not low education and computer foundation
Students can get an R&D offer from a big factory by doing some algorithm questions and memorizing some face-to-face experience; if a security post wants to get an offer from a big factory from Party A, it can’t be solved by surprise in a few months. Most of them learn security from junior high school and high school . Party B ’s security service requirements are relatively low, but the salary is far lower than that of the development post
Regarding how to choose, I have summarized the following items, and welcome your comments and suggestions:
(1) If you have a comfortable family background, you don’t have to worry about buying a house , buying a car, marrying a wife and having children in the future, and you don’t have to worry about low wages and a decline in your quality of life. Then I think you should follow your heart and choose anything
(2) If you are about to graduate in your senior year, do not plan to take the postgraduate entrance examination and have no foundation, and want to find a job with a higher salary. Then I suggest that you choose a programmer, regardless of the front-end and back-end. If you choose safe you may be disappointed
(3) If you have been interested in hacking since childhood, have perseverance and perseverance, can think for several hours to solve a problem, and are more willing to stick to your ideals than salary, then I suggest you continue to work hard, learn security in depth, and do Bigger and stronger
The security industry is not suitable for those who are passionate about it for three minutes, nor for those who only talk about it but have no practical ability, and it is not suitable for friends who want to make quick money.
Of course, no matter how you choose, the safety technology
Learning as a hobby is a very good choice; as a job, I suggest you think twice.
In the end, I chose the direction of security development : developing firewalls, developing penetration tools, etc.
This path is actually not recommended for everyone, because there are much fewer positions than the front-end and back-end, but the requirements are higher. If you have a development level, you need to understand security theory and penetration testing . However, the salary is not higher than that of traditional front-end and back-end development. It can be said that it is cost-effective. Very low selection. I chose this path more because of ideals than making money.
I have also compiled some network security information for you below. If you don’t want to find them one by one, you can refer to these information.
video tutorial
SRC&Hacking Technical Documentation
Hacking Tools Collection