Various security paths
9bits
Member Posts: 138 ■■□□□□□□□□
I'm trying to figure out which area of security I'd be happiest in. I'm currently working on my CEH, and was originally going to go for OSCP, but I don't think I want to do red team work in the long run. I've got the Cisco Cybersecurity scholarship to do their Cyberops cert toward the end of the year, which as I understand it is more blue team oriented. Would I be correct in assuming Cisco CCNA/CCNP/CCIE-Sec is more focused toward blue team goals as well, but with a focus on the hardware? I'm trying to decide if that is a path I want to go down. I think at heart I've always been a hardware guy and I like working with hardware.
Comments
-
NetworkNewb Member Posts: 3,298 ■■■■■■■■■□
That path would be more of a network security engineer imo. I would not consider it "blue team" even though they might work closely together. That person would be the one setting up and configuring the security appliances though.
Blue team would be the one analyzing the data those security appliances collected.
The blue team would be the ones searching for vulnerabilities, finding a way to fix said vulnerabilities, and then working with the Network engineers to implement the fix (if it was a network vulnerability).
edit: Here is a decent job ad that describes a lot of what a blue team person would do:
http://www.rtgx.com/careers/positions/?p=job/oSir4fwp&__jvst=Job%20Board&__jvsd=glassdoor&nl=1
-
Danielm7 Member Posts: 2,310 ■■■■■■■■□□
Yes, the Cisco route is blue team. If you want to get a decent overview of different areas of security you might be interested in, I'd read this:
https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/
"Working with hardware" is relative. You could be a netsec engineer and do firewalls and such, but in the end it's still all software. I've known people to say the same but they were really talking about building PCs.
-
9bits Member Posts: 138 ■■□□□□□□□□
Alright, that info sheds a little more light on things. I've done some analyzation and vuln-hunting as it is, and I didn't really enjoy it. So perhaps something not red/blue team at all is what would fit me best. Setting up and configuring security appliances is something I'd enjoy more.
-
alias454 Member Posts: 648 ■■■■□□□□□□
I agree Lesley's blog should be stickied. Security is an eclectic domain and this mind map is pretty decent:
https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAzUAAAAJGU0MjI2N2VjLTlkM2MtNDUxOC05MDdmLTA0ZTVjZDBhNGE2NQ.png
“I do not seek answers, but rather to understand the question.”
-
636-555-3226 Member Posts: 975 ■■■■■□□□□□
I always recommend new people looking to start in InfoSec hit up CompTIA's Security+. It gives you a base-level of knowledge in most areas of InfoSec, so you can figure out where your strengths and weaknesses are and what areas you may be most interested in. It's also one of the cheapest, quickest, & easiest InfoSec certs to get, which sounds like it isn't that good, but it's actually a really good 101-level cert put together by a reputable, globally-known company. Plus many job descriptions ask for it! FWIW, I think Security+ is much better than CEH. CEH is basically Security+ with a "hacker" focus, but it doesn't teach you how to be a hacker and doesn't teach you anything about all the other infosec areas. Hope it helps!
-
PC509 Member Posts: 804 ■■■■■■□□□□
I agree with the Security+. It gives a broad foundation, and most (if not all) of the knowledge is applicable to whatever course you take in security. No matter the direction you take, that cert and the knowledge gained will be valuable.
-
infoscrub Users Awaiting Email Confirmation Posts: 14 ■□□□□□□□□□
NetworkNewb wrote: » Daniel's link should be stickied somewhere on this forum
https://danielmiessler.com/blog/build-successful-infosec-career/
I'd recommend learning the parts that interest you over a red team/blue team mentality. I'd also recommend trying to get a strong grasp of the basics. Knowing networking well from doing the Cisco path will open up doors to secure/implement/attack/operate Cisco stuff. Knowing Windows/Linux well will open up doors to secure/implement/attack/operate Windows/Linux.
If you "like working with hardware" I'd recommend becoming an electrical engineer and checking out schools that have a bunch of funding and scholarships for hardware hacking. It looks like a lucrative domain.
-
9bits Member Posts: 138 ■■□□□□□□□□
This one?
infoscrub wrote: » If you "like working with hardware" I'd recommend becoming an electrical engineer and checking out schools that have a bunch of funding and scholarships for hardware hacking. It looks like a lucrative domain.
Hah! I'm afraid that ship has long since sailed. But if I had it to do over again, I might major in EE.
The info in this thread is helpful, though. I really don't think red or blue team work is right for me in the long run. If I stay in security, I'd probably be happier in a job working with setting up firewalls and security appliances.
-
SecChi Member Posts: 6 ■□□□□□□□□□
"Setting up firewalls and security appliances" sounds like you want to be a Security Engineer. Those are the folks who add and tune signatures to security appliances, troubleshoot appliance issues, correct misconfigurations and set up, install and test security appliances. I've worked with lots of them and they tend to have a good knowledge of Linux command line, Microsoft sys admin, Security+ (broader security context), some scripting (Python) and a love for learning and exploring new technologies.
-
9bits Member Posts: 138 ■■□□□□□□□□
SecChi wrote: » "Setting up firewalls and security appliances" sounds like you want to be a Security Engineer. Those are the folks who add and tune signatures to security appliances, troubleshoot appliance issues, correct misconfigurations and set up, install and test security appliances. I've worked with lots of them and they tend to have a good knowledge of Linux command line, Microsoft sys admin, Security+ (broader security context), some scripting (Python) and a love for learning and exploring new technologies.
This sounds about right. Haven't really found a good cert path that goes in that direction, though. Perhaps it's premature on my part to contemplate it.