2011/01/01 - work
I am going to have to back-date this a bit as I am writing it in Decemeber 2019. But I thought what I was doing at the time was important.
My friend Mike had been creating a security scanning tool for about 6 months, very similar to this PCI toolkit from 403 Labs
We read and implemented the PCI Data Security Standards on our own systems. We use Nessus and Waptiti with additional tests for frameworks in different languages. The company had some excellent success with Google bug bounty program. It even earned us seats on Google Security hall of fame.
We attended DEFCON. A conference I love to recommend to anyone trying to understand the industry of computer security deeper.