Hey guys, I always write articles, share posts from some sites that I follow and find relevant. Among these various experiences that I have been exchanging with professional friends, the question that always comes to mind is:
“Where do I start studying to migrate to safety?”
I decided to write how I am following my Cybersecurity Analyst career, what I studied and have studied. An objective that I have always put as a premise in my IT life is “If I am going to study something, I will study very well and with a theoretical framework (books)”. Some areas that I studied, and help until today when I do a behavioral analysis of a possible infection, a pentest, a vulnerability exploitation and etc.
I recommend that you study the concepts of networks, protocols / ports most used, their details and weaknesses. Main commands used when troubleshooting. And when I talk about testing networks, I’m not talking about using only the ping command.
When I talk about the basics, I’m not telling you to study all the tools in the world, such as firewalls, WAF (Web Application Firewall), IPS (Intrusion Prevention System), IDS (Intrusion Prevention System), Web Filters, Application Control. I am recommending that you build a good base of how the tools work, if you change the product to be proprietary or Open Source, you will only have to adapt to the product interface, because the concept of operation is similar.
This topic still has great relevance in my studies. You ask yourself “But why would I have to learn to operate Hypervisors if I intend to work with Cybersecurity?” Then there comes the big balcony that helped me to evolve a lot. Cool when you learn to work like XenServer, Hyper-V, VMware, VirtualBox, XenProject and etc. This contributes a lot when you need to do labs for studies or simulate some vulnerability. When you need to test certain malware to identify behaviors.
In my opinion, one of the most important qualities that a Cybersecurity professional must have is knowing how to operate the main OS used in the world very well, that is, Windows and Linux. I see many professionals who have trod a whole career over a single OS and today I found it difficult to learn a new one or even resistance. The great thing about you getting a good understanding of each system is that you will never have difficulties when you need to validate vulnerabilities, do a hardening, pentest and other activities.
I recommend studying the distributions below from Microsoft:
As for Linux, even though there are several distributions I recommend studying the main ones, the others are derived from them:
When you build a good foundation on these distributions, the others are easier to operate on a daily basis.
This is the part that in my opinion many professionals with Cybersecurity Analyst signatures on Linkedin sin … they are what I call security professionals who only operate tools and do not know a single point of the theoretical concepts in the area. Once during a chat with a security professional, I asked how you can prevent SQL Injection attacks on your company’s applications, I heard the following answer “I monitor requests, and when I see a significant increase in requests I block the origin for a while “. A tip I always leave to people who ask me for guidance is not to be a professional Script Kid, that is, who only knows how to literally run scripts or get them ready on the internet and has no idea what the tool or script does. Today, the market is already full of professionals so I suggest you study, do not give up in the first difficulties, persevere, research, participate in forums and groups. Believe this enriches learning a lot when you propose to share knowledge. One of the characteristics that attract me in the world of Free Software is this spirit of sharing and helping others.
The study of the English language is nowadays essential, most IT tool manufacturers have their specialized support outside Brazil, and they only speak English or Spanish.
I hope I helped, let’s discuss it.