In a month, I begin a new internship for a Fortune 100 company. Having already spoken with a member of the security team, I can expect to be placed in one of four areas in IT security, including web application security and forensics/incident response. I have a gut feeling I'll be involved with web app security, and hope to learn a lot from the internship. This month and May, I'll be pouring through OWASP documentation and a lot of RSnake's, Jeremiah Grossman's and pdp's previous posts. Perhaps I'll even pick up the book on XSS; RSnake posted Chapter 5 and the TOC of his book at his site. If I'm not in this field, that's okay... learning isn't a bad thing; I really enjoy a good challenging, learning experience.
To assimilate quickly with the corporate environment, I've been reading as much documentation as I can - internal policies and processes, information located on the corporate intranet, various group sites, etc. Anything I could read, I have or will. I'd like to know as much as possible before coming in, so my first day will be less overwhelming.
I'm interested in hearing your thoughts on internships. This will be my second internship, and it's nice to get around and see what different companies and their people are like. What should an intern expect -- duties and responsibilities wise -- on a corporate security team? What advice would you give to new interns? How do you work to fit in at a new company?blog comments powered by Disqus