Security Basics mailing list archives
Re: Security Analyst essential reading for "dummies"
From: Mark <markto () widen com>
Date: Tue, 19 Apr 2011 10:41:00 -0500
Understand that this is a simplified reply to Andi question but I really liked the way "Walter" said it and is how I have "looked" at security for years also. .... Walter wrote: There are literally hundreds of different sites/resources/blogs covering InfoSec. SANS is a very well respected security training organization and frequently has columns/papers discussing infosec careers. They even have a top 20 infosec job list: http://www.sans.org/20coolestcareers/ As someone who's been in the field for going on 6 years now, my personal perspective is that there are 2 very broad categories in InfoSec careers: defenders (blue team) and white hat attackers (red team). Pentesting, vulnerability assessments, application security assessments and the like fit into the latter category. Internal information security jobs such as firewall admins, security analysts, security architects, and risk management/security policy development and the like fit into the former category. Broadly speaking, you will find more excitement and action in the red team space because you will typically be exposed to a lot of different environments especially if you become a consultant. Blue team work tends to be more constant where you are in charge of a single environment and are managing risk to that environment. So I suppose that one way to think about this decision is to think about what is more exciting to you (finding vulnerabilities/weaknesses and reporting them, or the satisfaction of knowing that your work is keeping your employer's network safe). Another thought to consider is that you could also work for a company that makes infosec products (A/V vendors, IDS/IPS vendors, identity management vendors etc). A final closing thought; it has been my experience that you will get more satisfaction as an infosec professional if you manage to find a position where your role is not considered a pure 'cost center'. Many blue team internal security teams tend to be understaffed/overworked/underbudgeted because infosec is not seen as a profit center for many organizations. Organizations which genuinely care about information security tend to invest more in infosec and will have better funded internal security teams. Finding such organizations tends to be rare however because infosec initiatives are driven mainly by compliance for many companies, and few orgs really like investing money into compliance initiatives. However, other organizations, especially service providers tend to be more genuinely interested in infosec because it can help improve their bottom line. Personally, I'm a 'blue team' guy, but I have found the most satisfaction working for an infosec vendor. For us, infosec is obviously a profit center ;) Good luck, Walter Our 4 cents, Mark On Tue, Apr 19, 2011 at 6:05 AM, Morris, Andi <amorris () uwic ac uk> wrote:
Hi all, I potentially have an opportunity to move into a Technical Security Analyst role in the next few weeks providing I don't mess up the interview. I have a basic-to-intermediate understanding of ISA, vlans, routing, hardware firewalls etc through generally supporting them in a broad term throughout my last few jobs, but I've never been as involved as this role would lead me into. I currently have "Hacking Exposed: 6th Edition" to read through and wondered whether there are any essential books, websites, online forums that will give me the knowhow to step forward into the role. Thanks in advance, Andi ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Security Analyst essential reading for "dummies" Morris, Andi (Apr 19)
- Re: Security Analyst essential reading for "dummies" Mark (Apr 19)