Various security paths

I'm trying to figure out which area of security I'd be happiest in. I'm currently working on my CEH, and was originally going to go for OSCP, but I don't think I want to do red team work in the long run. I've got the Cisco Cybersecurity scholarship to do their Cyberops cert toward the end of the year, which as I understand it is more blue team oriented. Would I be correct in assuming Cisco CCNA/CCNP/CCIE-Sec is more focused toward blue team goals as well, but with a focus on the hardware. I'm trying to decide if that is a path I want to go down. I think at heart I've always been a hardware guy and I like working with hardware.

Find more posts tagged with

Comments

NetworkNewb

That path would be more of a network security engineer imo. I would not consider it "blue team" even though they might work closely together. That person would be the one setting up and configuring the security appliances though.

Blue team would be the one analyzing the data those security appliances collected.

The blue team would be the ones searching for vulnerabilities, find a way to fix said vulnerabilities, and then work with the Network engineers to implement the fix. (if it was a network vulnerability)

edit: Here is a decent job ad that describes alot of what a blue team person would do:
http://www.rtgx.com/careers/positions/?p=job/oSir4fwp&__jvst=Job%20Board&__jvsd=glassdoor&nl=1

Danielm7

Yes, the Cisco route is blue team. If you want to get a decent overview of different areas of security you might be interested in I'd read this

https://tisiphone.net/2015/11/08/starting-an-infosec-career-the-megamix-chapters-4-5/

"Working with hardware" is relative. You could be a netsec engineer and do firewalls and such, but in the end it's still all software. I've know people to say the same but they were really talking building PCs.

9bits

Alright, that info sheds a little more light on things. I've done some analyzation and vuln-hunting as it is, and I didn't really enjoy it. So perhaps something not red/blue team at all is what would fit me best. Setting up and configuring security appliances is something I'd enjoy more.

NetworkNewb

Daniel's link should be stickied somewhere on this forum

alias454

I agree Lesley's blog should be stickied. Security is an eclectic domain and this mind map is pretty decent https://media.licdn.com/mpr/mpr/AAEAAQAAAAAAAAzUAAAAJGU0MjI2N2VjLTlkM2MtNDUxOC05MDdmLTA0ZTVjZDBhNGE2NQ.png

636-555-3226

I always recommend new people looking to start in InfoSec hit up CompTIA's Security+. It gives you a base-level of knowledge in most areas of InfoSec, so you can figure out where your strengths and weaknesses are and what areas you may be most interested in. It's also one of the cheapest, quickest, & easiest InfoSec certs to get, which sounds like it isn't that good, but it's actually a really good 101-level cert put together by a reputable, globally-known company. Plus many job descriptions ask for it! FWIW, I think Security+ is much better than CEH. CEH is basically Security+ with a "hacker" focus, but it doesn't teach you how to be a hacker and doesn't teach you anything about all the other infosec areas. Hope it helps!

PC509

I agree with the Security+. It gives a broad foundation, and most (if not all) of the knowledge is applicable to whatever course you take in security. No matter the direction you take, that cert and the knowledge gained will be valuable.

infoscrub

NetworkNewb wrote: »

Daniel's link should be stickied somewhere on this forum

This one?
https://danielmiessler.com/blog/build-successful-infosec-career/

I'd recommend learning the parts that interest you over a red team/blue team mentality. I'd also recommend trying to get a strong grasp of the basics. Knowing networking well from doing the cisco path will open up doors to secure/implement/attack/operate cisco stuff. Knowing windows/linux well will open up doors to secure/implement/attack/operate windows/linux.

If you "like working with hardware" I'd recommend becoming an electrical engineer and checking out schools that have a bunch of funding and scholarships for hardware hacking. It looks like a lucrative domain.

Danielm7

infoscrub wrote: »

This one?

Check the 3rd post in this thread by me.

9bits

infoscrub wrote: »

This one?
If you "like working with hardware" I'd recommend becoming an electrical engineer and checking out schools that have a bunch of funding and scholarships for hardware hacking. It looks like a lucrative domain.

Hah! I'm afraid that ship has long since sailed. But if I had it to do over again, I might major in EE.

The info in this thread is helpful, though. I really don't think red or blue team work is right for me in the long run. If I stay in security, I'd probably be happier in a job working with setting up firewalls and security appliances.

SecChi

"setting up firewalls and security appliances" sounds like you want to be a Security Engineer. Those are the folks who add and tune signatures to security appliances, trouble shoot appliance issues, correct mis-configurations and set up, install and test security appliances. Ive worked with lots of them and they tend to have a good knowledge of Linux command line, Microsoft sys admin, Security + (broader security context), some scripting (python) and a love for learning and exploring new technologies.

9bits

SecChi wrote: »

"setting up firewalls and security appliances" sounds like you want to be a Security Engineer. Those are the folks who add and tune signatures to security appliances, trouble shoot appliance issues, correct mis-configurations and set up, install and test security appliances. Ive worked with lots of them and they tend to have a good knowledge of Linux command line, Microsoft sys admin, Security + (broader security context), some scripting (python) and a love for learning and exploring new technologies.

This sounds about right. Haven't really found a good cert path that goes in that direction, though. Perhaps it's premature on my part to contemplate it.

infoscrub

Danielm7 wrote: »

Check the 3rd post in this thread by me.

Oh, that's what I get for skimming.