Due to being a total n00b in the AppSec field, I've been doing all sorts of trainings, networking, competitions, etc.
I never really did these sorts of things as a developer because I already know all there is to know.
But it turns out I'm pretty good so far.
PortSwigger Web Academy is an online "Learn to Hack" program designed to teach people to use Burp product.
I was the 11th person to finish all 197 modules.
Crushed this one. It was a full day tournament where you identify security risks in code, and then identify fixes.