School me on what a security engineer or security analyst does?

umcpgrad

I am just wondering, what exactly do they do? Any sources (links, books, etc.) I can read up on, tools I can set up to play around with, or a lab I can build? Thanks in advance.
 
Security engineers are usually the guys who work on the securing side of the equation. The guys who set up firewalls, IDS, auditing, etc.

Security analysts usually are the attacking / probing side of the equation. They are the pentesters, they are the guys who do audits for ISO, PCI, HIPAA etc. Basically the auditors are the break it guys and the engineers are the fix it guys.

However, most likely you will become a sysadmin or network engineer with a security specialization, or go work for a security firm and be a network security consultant. People understand they need to secure their networks, however they don't want to pay for it (unless they are a large IT-centric organization like, say, Google), so they hire an outside group, or they just staff another IT position with someone who can do both their job and security. If you are looking for a path in security, your best bet into the field is to find a security group looking for an intern.

For tools, grab yourself a copy of the Backtrack 5 suite and start learning the tools. Armitage and Nessus are going to be your two most commonly used attacking tools in the real world, so those are the best to get practice with (though some of us really hardcore 1337 guys will call you a skiddie). There used to be pre-created VMs on the metasploit website that had common setups of XP and linux to be used for attacking, but I couldn't find them anymore to link them. Pretty much just set up a bunch of VMs in a lab and build a "typical" corp network (AD, sharepoint, FTP, web server, SQL). Books I really couldn't help you on, as a lot of this stuff you can't learn by reading, you learn by doing. However metasploit, offensive security, and Room 362 all have excellent security-related blogs, as well as active security-related webforums to go poke around on. There is a web show called Hak5 on revision3 that is all about security and hacker culture. They don't just openly show you how to pop boxes (well, not so much anymore; they used to have some really good tutorial segments, and HackTip is sort of getting back to that), however they give you some really good ideas on projects etc. for you to learn stuff on your own.
 
thanks.
 
Analysts also do the internal audit, not necessarily on the technical side either. A lot of security is looking at policies and procedures. It's a bit more mundane, but quite important. Seeing if there are policies / guidelines / procedures for device hardening, and whether they are being followed. Is there adequate physical security in place? Does Gladys in accounting know that she's not supposed to let anyone else follow her into the office when she enters through an employee entrance? Is the network designed to mitigate threats, e.g. firewalls in place, filtering viruses from entering the email system, and using a web filter to block viruses and also protect the security of the company in a legal sense, as far as AUPs? Password strength / rotation policies, separation of duties, configuration and change management, data management, etc. etc.

You can audit a company's technical security, but if their internal organization is a mess, you can go from saying "yeah you're secure" to them changing something, getting owned, and then saying "hey asshole we paid you all this money and you said we were secure."

The pen-testing stuff should more be to go with the above to validate that everything's config'd right, and then make adjustments to their policy.... Ideally.
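The "is the hardening policy actually being followed" part of that audit is the one piece that is easy to turn into something you can run in a lab. The script below is an added example, not code from this thread or from any of the tools mentioned in it: it parses two constructed config snippets (an sshd_config and a login.defs, both made up for illustration) and reports every setting that deviates from a small, equally made-up baseline. The baseline values, the sample configs and the function names are all assumptions of this example, not anyone's real policy.

```python
"""Baseline compliance check over host configuration snippets.

Added example (not from the forum thread): checks whether a written
hardening policy is actually reflected in a host's configuration. The
baseline values and the sample configs are constructed for illustration.
"""
import re

# Constructed sample of an OpenSSH server config as pulled from a host.
# Note: no PasswordAuthentication line at all, which the audit must flag.
SAMPLE_SSHD_CONFIG = """
# /etc/ssh/sshd_config (constructed sample)
Port 22
PermitRootLogin yes
X11Forwarding no
MaxAuthTries 3
"""

# Constructed sample of /etc/login.defs password ageing settings.
SAMPLE_LOGIN_DEFS = """
# /etc/login.defs (constructed sample)
PASS_MAX_DAYS   99999
PASS_MIN_DAYS   0
PASS_MIN_LEN    5
PASS_WARN_AGE   7
"""

# Assumed baseline: (setting, predicate on the raw value, human-readable expectation).
# Keys are upper-cased to match parse_kv_config(); sshd itself is case-insensitive.
BASELINE = [
    ("PERMITROOTLOGIN", lambda v: v.lower() == "no", "no"),
    ("PASSWORDAUTHENTICATION", lambda v: v.lower() == "no", "no"),
    ("MAXAUTHTRIES", lambda v: int(v) <= 4, "<= 4"),
    ("PASS_MAX_DAYS", lambda v: int(v) <= 90, "<= 90"),
    ("PASS_MIN_LEN", lambda v: int(v) >= 12, ">= 12"),
]


def parse_kv_config(text):
    """Parse 'Key value' / 'Key=value' lines (sshd_config and login.defs style).

    Comments and blank lines are skipped; keys are upper-cased so lookups
    are case-insensitive. Only the first occurrence of a key is kept,
    mirroring sshd's first-match-wins rule.
    """
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        if len(parts) == 2:
            settings.setdefault(parts[0].upper(), parts[1].strip())
    return settings


def audit(settings, baseline=BASELINE):
    """Return (key, actual, expected) for every baseline rule the host fails.

    A missing setting is reported as "MISSING" rather than silently passing:
    an absent line means the daemon default applies, which the auditor
    still has to justify. Unparseable values (e.g. a non-integer where an
    integer is expected) count as failures instead of crashing the run.
    """
    findings = []
    for key, check, expected in baseline:
        actual = settings.get(key)
        if actual is None:
            findings.append((key, "MISSING", expected))
            continue
        try:
            ok = check(actual)
        except ValueError:
            ok = False
        if not ok:
            findings.append((key, actual, expected))
    return findings


def audit_host(sshd_text, login_defs_text):
    """Merge both config sources for one host and audit them together."""
    settings = parse_kv_config(sshd_text)
    settings.update(parse_kv_config(login_defs_text))
    return audit(settings)


def format_report(findings):
    """Render findings as one line each, or a single PASS line."""
    if not findings:
        return "PASS: all baseline settings satisfied"
    return "\n".join(f"FAIL {key}: got {actual!r}, expected {expected}"
                     for key, actual, expected in findings)


if __name__ == "__main__":
    print(format_report(audit_host(SAMPLE_SSHD_CONFIG, SAMPLE_LOGIN_DEFS)))
```

Running it against the constructed samples reports four failures (root login enabled, password authentication not set explicitly, no password expiry, and a five-character minimum length) while the MaxAuthTries line passes. In a real engagement the same shape scales out: pull the files from every host, run the baseline, and hand the deviations back as the gap between policy and practice the reply above is talking about.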
 
BTW, as for a book recommendation, I *highly* recommend Sean Convery's Network Security Architectures, from Cisco Press. This book is the boss. Covers a very wide range of stuff, some not in too much detail, eg physical access, but it does have a small section on it, enough to make sure you have a jumping off point for it.

http://www.amazon.com/Network-Security-Architectures-Sean-Convery/dp/158705115X
 
Pretty much any of the Cisco CISSP books would be good reading if you really want to sit down with a book.
 
I also recommend learning x86 assembly, since a lot of the exploits you should at least have a basic understanding of how or why they work. But some might call me biased, since I used to do virus analyst type work...

This posting is provided "AS IS" with no warranties, and confers no rights.
 