[livingparadox]

Seeing stuff like this, I want to get into comp-sec. It always sounded interesting, and it looks like it pays well...

[akerl_]

I'd put this in the same category as mobile app dev. There are a few people making money by the truckload, plenty of people making a decent living, and lots of folks who strike out.

If it's something you're interested in, go for it. I just worry that people see this like the promise of gold in a faraway land and go rushing in, not thinking about the real distribution of success.

[JabavuAdams]

Good old power-laws.

[shill]

It pays well if you are the guy that has hacked GitHub twice.

[Anderkent]

Remember that you only see the interesting stories and successful investigations. Before making such a decision you should try to arrange a chat with someone already doing comp-sec, and figure out how much time they spend on all the other stuff.

[knocknock]

Anyone know some good beginner reading material for someone interested in learning this kinda stuff?

[big_youth]

I recommend grabbing a copy of Web Application Hackers Handbook[0] and try hacking vulnerable vm's[1].

I see that your a sysadmin so if network hacking is more you speed I would download Metasploit[2] and start hacking old linux or windows distros.

[0]http://www.amazon.com/The-Web-Application-Hackers-Handbook/d... [1]http://itsecgames.blogspot.com/2013/07/bee-box-hack-and-defa... [2] http://www.metasploit.com/