How to become a security expert?

I have been programming for over 10 years using various programming languages on several platforms / technologies / protocols.

I am going to switch my career and become a security expert. How do I get started? I would appreciate any tutorials, books, blogs that will help me gain knowledge of the security domain.

I would like to focus on the area of wireless security.

+4
7 answers

There are many areas of competence in the field of security, so it depends a lot on what you want your career path to look like. At the bits-and-bytes end, there is penetration testing and “security study” (which is often “cataloging programming errors” as an actual study). More strategically, there is “risk management”, which often spends most of its time on non-technical matters, such as appropriate budgets, education and response.

Blah, blah, blah, but how do you get started, right? Perhaps the best author on the "big picture" is Bruce Schneier. He is a cryptographer, but he focuses on things like security psychology, social attacks and how to really think about security. Crypto-Gram is required reading on how to think in this space.

In areas with bits and bytes, you probably want to find out which area you are most interested in digging into (Windows, wireless, Internet, physical, iPhone, the list goes on and on). If I had to choose one paper, I would start with Smashing The Stack For Fun and Profit. Still, all these years later, the best introduction to the key attack class and how technical attacks work as a whole. If these types of attacks really interest you, my favorite book on this subject is the Handcoder Handbook. Its attacks are old; many of them will no longer work as they are. But they form the basis of how many attacks are still made today.

If you want to move up the “value chain” to “business-oriented security” (and learn how to use such phrases without quotes), you should start work on CISSP. People can debate until they are blue in the face whether CISSP really means something. Answer: it means getting a job when CISSP is a requirement. My feelings on CISSP? Any true security professional should be able to pass it. Thus, it is a good basic certificate for whether you are a true security professional (which is what it should be). It teaches the general terminology that has grown up in the security world, and learning the terminology is part of being a professional (as in any other profession from law to engineering). CISSP is very wide, and studying for it will give you a much better idea of which areas you are interested in, even if you never sit the test. There are tons of books on the CISSP; All in One is good. Reading this volume will not make you a security expert, but it will introduce you to what security experts know.

My experience is in risk assessment. For many years I traveled around companies, evaluated their environments and told them what to fix in order to protect their most confidential information. Probably the most useful training for me was IAM (NSA Infosec Assessment Methodology). It has now been updated into the new ISAM. It focuses on figuring out which parts of the infrastructure really matter, and then protecting them. The most important security tool I used: PowerPoint, to make slides that let the client understand what they need to understand and implement. And a decent suit. Understanding this material is one thing. You need very strong technical skills; that is a given. But in reality, the difference requires a lot of people skills, presentation skills, project management and follow-up. This is what separates "from professionals."

+13

Hackers do not learn, they play.

The same answer applies differently. You cannot be an expert unless you have fun. Try creating a simple basic security website. Then try to hack it. Attempting to hack a site will teach you more about security than any book.

+6

If you want to gain knowledge in the field of computer security, first you need to decide on your task in this area, since computer security is a big field with many possibilities. Some of the potential areas include:

  • Software Development Security
  • Computing Architecture
  • Wireless security
  • Information Technology Security (every day)

and there are probably many others that I don’t encounter. Of course, there are general topics that cover all these areas (AKA, the basics), but if you have an idea of what interests you the most, this will help narrow your search.

From now on, I would recommend hitting your local library or bookstore. Start reading books and see which ones start at a fairly high level and expand from there. Get online and start your search. There are some great sites with lots of good security information, and you can get good points jumps for more information.

As for the term “hacker,” that’s not what you want to tag these days over. Although the computing community has a different term for this, the world as a whole sees hacking as a criminal activity.

I hope this helps.

+3

A little background before the recommendations.

I have always organized the real work of ensuring application security and network security. If you want to configure firewalls and run nmap, test your wireless installations, analyze the logs and do more sysadmin-y data in network security. If you enjoy finding bugs, defend apps. We mainly overpay QA, and your time will be spent searching for security problems in the application. Most application protection jobs these days are web applications.

As for the roles, you can work in the company’s security team or as a consultant.

So, first I would say that you want to be more than a security dude, because it is a bit narrow focus. If you want to do the work of securing your wireless network, you will have great luck as a consultant and most of your days will be safe to establish wireless communications for the company or quickly evaluate their existing wireless network settings.

If you have a programming background, I would recommend looking at application security; you can break things down in smart ways, rather than build them. Some things for google, Phrack, OWASP and our industry’s bibles are the "art of software security." If you read this book, you can agree with the assessment of security knowledge, which is a set of little things; with each security assessment you study your little things and try to find ways to violate what you are looking for.

Your first step should really be to configure a web server and a vulnerable website, and try to break into it: try XSS, try SQL injection, scan it with nmap and see which ports are open. Take a look at the WebGoat project, which is a collection of intentionally corrupted software for this purpose.

+2

I made this transition.

Btw, "security expert" is too broad in my opinion. You will need to specialize in some areas.

If this is the security of web applications - start reading sites / blogs of industry experts (for example, http://jeremiahgrossman.blogspot.com/)

Read the 10 OWASP vulnerabilities and make sure you understand how they all work (for example, how someone can use / use CSRF)

Prepare and obtain industry certification (e.g. CISSP)

Learn, study, study!

+1

Although effective answers are given in more detail, I want to add that “The greatest risk comes from within” is the canonical paradigm in work. First, learn cryptography to get you started - there is a lot of prior work documented in the Java source code. My thoughts on this matter at the moment wish that someone who did the work (infosec), studied the accounting controls in parallel with the well-known cryptographic - all you can do is revolve around access control and trace records ... if the biggest risk comes from inside, how do you protect yourself from it, when the majority of web traffic consists of games and, at the same time, difficulties arising from the operations arena, when most users do not want to know how the machine works.

You must understand that browsers expose consumer-grade operating systems for traffic. Think about what traffic really is. One example - only in the last few years (authority) (which should know better) (with legal authority) instructed our store to send all the names for authentication on one sheet of paper with related information on this paper. The controller for the store refused without any crypto training, even remotely.

Wyatt Barnett’s remarks, although attracting attention from unwanted observers, contain key fields for viewing, and hacking ipv4 shows the value and worth of Wyatt snarkle. There are too many features of many Isatvits keyboard users who are exposed to people who watch Criminal Minds every night on television. In this context, Security Theater becomes a Threat Theater, more suitable for the Troma movie than properly constructed for accounting controls that are suitable for an area where someone can bind %20 to the end of the URL - most users cannot understand this problem, even if only something like salt or vector IV.

It is too easy to become someone a pawn; this is a well-known and expected area of knowledge for those who will carry out this work. It is that you are here to protect your property from your employer. In this case, you will be disappointed with the power for the machine, which you must protect, not knowing many of the basic requirements and practices. This is difficult when most of the security cases (infosec) that force him to dispute the review center on statements made by people who practically do not study in this matter or (more likely) using software that they could not write themselves.

For wireless communications, I would study the technique already installed in it. I looked at it for the router that I bought - it is quite enough if it is correctly installed and supported. To understand how this works, this is an almost complete study of cryptographic and core networks. There will be plenty of material to study.

+1

For an easy and fun way to get started (and learn all the time), listen to the Steve Gibson Podcast Safety Now! on your computer.

To start thinking in terms of security, read Bruce Schneier. Although his latest book (Schneier on Security) is not too technical, it puts you in the right mindset.

Jason's answer is very good; specialization is important. Computer forensics is another large area.

0