Hey guys..

A quick note for those who have not yet attended our Combat training.

On Combat, lots of the pracs seem impossible.. but after guys bang their heads on it for about 3 hours the lightbulb switches on. The major thing to consider is that in Combat (or question of the week), its pretty obvious that the app _is_ vulnerable and can be hacked. The important lesson to note is that the impossible becomes possible bit by bit with some background knowledge (which u all have) and a belief that it _can_ be hax0red.

This becomes a self fulfilling prophecy. Those guys that go into the assessment knowing that the app/site/environment can be taken will take it. I know it sounds lame.. but you just have to believe. When we talk to corporates we tell them things are getting better and our hitrate isnt as good as it was in the early days.. Its true that in the early days we had 110% hits with unicode, but i go into every engagement expecting full ownage. So far.. its worked 100% for me..

During the QA in the past while we have had several reports that changed from possibly, maybe a problem to full blown ownage.. missing ingredient... belief that it cld have been done..

If you work at SP, you didnt get here because of your good looks. It may sound lame, but we are already convinced that you can get ownage, you just need to start believing it too..

Self confidence + passion + know-how is literally unstopable.