Webinar Series: Purple Teaming - Validating Detection & Response Capabilities
This article was originally posted by Purpose Jobs. Reposted with permission.
---
While they jokingly call themselves “the 25-year-old startup”, NetWorks Group is anything but a joke — neither is the work they do.
NetWorks Group is an Ethical Hacking and Managed Security Services Provider (MSSP) with offensive security, defensive security, and compliance practices. Founded in 1997, they have over 25 years of experience delivering services that improve security outcomes.
So why this self-given nickname?
“We have all the energy and culture of a startup, but the wisdom and knowledge of a much longer-standing organization,” says David Howard, president of NetWorks Group.
The industry of security is fast evolving and they have to stay competitive. Like a startup, you can’t get comfortable with the status quo.
“We fail fast, iterate, understand what works and what doesn’t, and keep moving forward.”
Their services are designed to provide organizations with a clear, risk-informed understanding of their security with a unique approach that helps reduce costs and increase efficiency while staying ahead of cybercriminals.
Pretty exciting stuff, huh?
The only way that the ethical hackers of NetWorks Group can make this happen is by constantly staying current on the latest threats and security trends.
“This is the most active part of our job. The only way in which we can, with confidence, assert that a client environment was more secure today than yesterday is if we know what to look for. We consume everything actively all the time. I truly can’t overstate that enough,” says Chris Neuwirth, a NetWorks Group Ethical Hacker.
The ethical hacking team at NetWorks Group is dedicated to educating themselves on a daily basis through a myriad of resources — RSS feeds, following social media influencers in their field, industry experts, and their own individualized research.
Putting the knowledge to use is the fun part. Especially when utilizing newer, or more popular technology — enter ChatGPT.
ChatGPT is incorporated into the day-to-day work at NetWorks Group. It’s used for phishing campaigns, writing reports, and even creating viruses to help with testing and solutions.
Chris says, “If I’m using it on a daily basis to continuously refine my craft, so are the bad guys. It’s an extremely helpful tool, but on the other end it’s creating threats for our customers.”
As part of their drive for constant innovation, NetWorks Group started a mentorship program in which new ethical hackers participate in a rigorous 6-week training to get them as prepared as possible for the real deal.
“Education is a core tenant in being a successful ethical hacker,” says Chris. He comes from an educational background, so his willingness to lead the mentorship program comes naturally.
So how does it work? The new ethical hackers spend their 6-week program getting hands-on training with the team for hours each day.
“There’s nothing quite like it. Ethical hacking is a relatively small community with some form of onboarding here and there, but ours is the most customized and ensured to be high quality, beyond just mimicking what others are doing,” says Chris.
The lesson plans closely follow the work they’ll do after the program. Plans include mapping the external attack surface, identifying vulnerabilities, enumerating internal networks, and performing a myriad of attacks. It’s all about assuring the junior testers display core competencies early on so that the team has complete trust in turning them over to client work.
The mentorship program is designed to establish expectations for new hires right away, as well as what their end goal is. Then a very clear path is set for them to achieve that goal.
“Our job is to translate their foundational skills into something we can be certain aligns with our tested methodologies - to know that we’re confident to make our clients more secure.”
Although they are based out of Ann Arbor, Michigan, NetWorks Group has a fully remote company. After the COVID-19 pandemic shut the world down, they decided not to renew their office lease and instead focus on hiring the right people based on their skill set and mentality, over their location.
The NetWorks Group team tries to get together in person whenever possible, especially for the hackers to work on an engagement in person when applicable.
There’s a big focus on collaboration and they find the team can be inspired by one another whether they’re in the same timezone or not.
When it comes to finding new people to join the team, it’s all about finding the right person, over the right resume — and letting those people shine.
“When it’s time to hire, look for Amazing people — and let them be amazing. We don't get in their way,” says David. “[We] don’t get overly prescriptive as to how somebody's day needs to flow. When Chris or somebody on his team is working on a penetration test, there's nobody telling him what order to do things or what tools to use. He has the goal in mind and we insist that he brings his unique talent and perspectives to solving that, and that's really the case across everything that we do.”
It's about finding the right people with the right attitude and aptitude and setting them loose on it. Those who are passionate, curious, and have a need to constantly be learning do well.
“I’ve heard this before and it wasn’t true,” says Chris, “so when I interviewed with NetWorks Group I was skeptical, but they really mean it. It is wholeheartedly the truth.”
At NetWorks Group, they’re not just talking the talk, they truly are walking the walk. And that’s what makes them a great place to work.
###
Published By: Alli Kelly, Purpose Jobs
Publish Date: March 1, 2023
Security news, tips, webinars, and more straight to your inbox.