i made a decision this month to leave my position as cyber security engineer for the company i was working for. i didn’t quit for anything related to the actual company, rather it was moreso issues with myself. at any rate, i wanted to focus more on offensive security and security research and i needed a bit more flexibility in my life in order to do so.

// health issues >

last year, in october, i had two mini heart attacks and had to have a pacemaker installed. this was due to blood vessel and arterial shrinkage caused by prolonged elevated blood sugar levels. in short, i was not paying attention to what i was consuming and my diabetes was unchecked. this exacerbated any minor blockages due to the shrinkage and… well… yeah.

before then, i had already switched over to a carnivore/low carb diet to try to correct the issue. however, this was too late to prevent what ultimately ended up happening. i do feel that it helped to save my life as it could have been much worse had i not adopted those changes two months prior. this was proven when my a1c was below a 7 (it had been above a 10 for well over a year… possibly longer) in less than 90 days. the nurses and doctors were baffled because they had not heard of anyone lowering their a1c in such a short period of time.

after leaving the hospital, i couldn’t walk more than a few paces before feeling like my heart was going to explode. today, after nearly two months of cardiac therapy, i feel like i am at a good place and recovering well–well enough that my doctor said it could be possible to remove the pacemaker if i continue to show progress.

// put up or shut up >

while i would love to say that my life flashed before my eyes and i was shown the truth about this world in a fleeting dream-like nde, unfortunately it wasn’t anything as grand or whimsical as that. i just can’t see myself working 10 to 12 hour days to make someone else rich. in order to get my health, both mental and physical, back on track, i had to leave my 6 figure job.

it wasn’t an easy decision to make. my team expressed their sadness at the thought of me leaving, but i felt it necessary to put my family and myself first this time around.

i am taking this opportunity to push forward with my ultimate life goal of becoming an independent bug bounty hunter and security researcher. while i still consider myself a security engineer, i no longer hold that official title in a corporate capacity. i’m ok with this.

// research and bbh >

i need to finish setting up my account on bugcrowd, but i already have an account set up on hackerone which i used in the past. i have started seriously looking at one of the public programs available and i am fully committed to finding and submitting some bugs.

instead of taking the normal skiddie route of running scanners or automated tools to find low-hanging fruit (and likely end up with informative or duplicate submissions), i am focusing on static analysis and breaking down how the application works through the flow of code. obviously, i am planning on using automation for recon or other areas of testing, but i want to force myself to rely on my own ability to break web apps apart and understand them to find more impactful flaws.

once i have a stable routine down, i plan on conducting research to (hopefully) contribute novel attacks and pocs.

// eof >

now that i have a bit more time to contribute to this blog, i will try and do so routinely.