Hi!<p>I'm a software engineer with a sweet tooth for security - I've spent a lot of time and energy building skills and working on security-related topics (e.g., applied cryptography, hardware-backed security). I'm also keen on continuing my growth and using my free time to learn more, sharpen new skills. The question for me is, given the current wave of interest in ML and that most research seems to go into this topic (including, obviously, new jobs being advertised), would it make more sense to get at least some basic experience with ML instead of expanding in a different area of security? There's plenty of things that I'd like to learn, and only so much time available, I'm curious what the crowd here thinks makes more sense from an "opportunity cost" perspective.<p>An obvious route would be to try to combine the two and see if I can get ML security/privacy experience. Not sure how well the two topics synergise.<p>I'm aware of the caveat that all of this is very personal etc., the framing of my question is more... probabilistic :)<p>Thanks!
Sorry to hijack your question, I'm also software engineer with focus on security and one thing that has troubled me is where I should continue learning within security for the purposes of staying competitive (I have no issue learning to learn!). Seems like AI and Web3 (smart contract auditing) security flood my x feed, curious to know your thoughts on good skills to have for the future 5 years within security.
I think some exposure to ML is going to be pretty important to most areas in IT, including security. A bit like how whether you want to be in coding, security, ops, management etc, you probably should know a bit of software architecture. I reckon ML has become less niche and moved into a more mainstream discipline in the field where some exposure will be important to anyone.<p>So I'd say put enough time into it to at least understand what it does, why people use it, and some of the key terminology, so you can hold your own in a professional conversation involving ML.<p>ML does also have some specific applications in security (anomaly detection etc).