It's kinda like this in the real world in IT.
IT/cyber security/coding brehs….. I need serious help…. PLEASE
- Thread starter Henny and_ HotWings
- Start date
Certs are just the bare minimum to getting started. But if you live in some podunk town in the middle of nowhere forget it.
For the best jobs it's always been about the location and your connections. Too many people fail because their professional network is trash.
Henny and_ HotWings
A well seasoned nikka
Be that as it may, for a man that just has 3-4 simple questions getting started, it’s not helpful
Given what I personally asked i have to cosign what the other breh said about Health Informatics. That would be the quickest/smoothest transition. That said, I hope yall understand the range of what you're asking. 8 brehs could give the path for xyz but if you really don't know about it then how much help will it actually be? You can spend a long time going down rabbit holesBro, is preaching Gospel
Henny and_ HotWings
A well seasoned nikka
I live in Baltimore area… but have work in DC, PG County, and Columbia for the last 7 years.
Henny and_ HotWings
A well seasoned nikka
My guy… thank youGiven what I personally asked i have to cosign what the other breh said about Health Informatics. That would be the quickest/smoothest transition. That said, I hope yall understand the range of what you're asking. 8 brehs could give the path for xyz but if you really don't know about it then how much help will it actually be? You can spend a long time going down rabbit holes
RadaMillz
Superstar
First you have to see if coding is right for you
by taking this course: The Web Developer Bootcamp: Learn HTML, CSS, Node, and More!
take your time to really understand the concept and build projects, rebuild those projects on ur own without help
TIP: do not rush or skip any material, do not get distracted by shiny objects.
if you can do that and finish the course, than you are a head of so many people and the world of software/programming will welcome u with open arms.
note: whether it takes you a month, 3 months, 6 months etc does not matter, what matter is you took the time to digest everything and finished the course.
Im in the field
First off, "cybersecurity" itself is pretty broad. There's:
-offensive stuff (think hackers, penetration testers, red-teaming, etc)
-defensive stuff (soc analysts, malware analysts)
-DFIR (digital forensics and incident response)
- Compliance and auditing( not as sexy as the other stuff as it's not as technical but A LOT of money to be made in the grc space)
Have an idea of what you'd like to do first as that will best guide you on next steps.
I would say the easiest path for a beginner with an IT background is getting in as a soc (security operations center) analysts. Penetration and DFIR tend to have higher barriers for entry as they are technically demanding even for juniors. If you did go that route for the offensive stuff look at tryhackme.com or hackthebox. You'd ultimately want to look at getting a cert like OSCP (which ive taken, it's brutal). For the DFIR stuff, I'd check out SANS courses (although they're crazy expensive)
Another route to go would be to move "laterally" from a position like network/sys admin to a security engineer. The security engineer position is broad and pretty much depends on where you're working. It's usually a mix of defensive and offensive and incident response stuff. For this you'd basically leverage your network/sys admin skills and get something like ccnp security and learn splunk.
Finally, developers and IT operations don't do the same thing and therefore don't need to have the same skillets. Get a basic grasp of how the web works (http, tls encryption, etc) and learn python to an intermediate level and leave the coding to coders (unless you want to be a coder)
First off, "cybersecurity" itself is pretty broad. There's:
-offensive stuff (think hackers, penetration testers, red-teaming, etc)
-defensive stuff (soc analysts, malware analysts)
-DFIR (digital forensics and incident response)
- Compliance and auditing( not as sexy as the other stuff as it's not as technical but A LOT of money to be made in the grc space)
Have an idea of what you'd like to do first as that will best guide you on next steps.
I would say the easiest path for a beginner with an IT background is getting in as a soc (security operations center) analysts. Penetration and DFIR tend to have higher barriers for entry as they are technically demanding even for juniors. If you did go that route for the offensive stuff look at tryhackme.com or hackthebox. You'd ultimately want to look at getting a cert like OSCP (which ive taken, it's brutal). For the DFIR stuff, I'd check out SANS courses (although they're crazy expensive)
Another route to go would be to move "laterally" from a position like network/sys admin to a security engineer. The security engineer position is broad and pretty much depends on where you're working. It's usually a mix of defensive and offensive and incident response stuff. For this you'd basically leverage your network/sys admin skills and get something like ccnp security and learn splunk.
Finally, developers and IT operations don't do the same thing and therefore don't need to have the same skillets. Get a basic grasp of how the web works (http, tls encryption, etc) and learn python to an intermediate level and leave the coding to coders (unless you want to be a coder)
shyt you're half way there then being near so many government jobs.
Dance_Like_A_Fiend
All Star
I changed my major to Cyber Security earlier this year. My dad says I'd have a hard time getting high-paid work because the market is saturated with online-based jobs right now and it's basically a dog fight.
Where should you look at if you wanna do Web, Graphics/Games?
I was trying make a point thereMy guy… thank you
Seriously look into Health Informatics. HL7 will serve you well at KP and beyond
i have pfesense set up on a 1gb firewall/router/switch hooked up to a 1gb modem. my desktop runs through that firewall/switch .
I have a managed switch behind that firewall router that links to internal home wifi and a proxmox server where I host vms for sec onion.
Now with pfsense I turned on snort (really good ids/ips tool that operates ahead of the pfesens firewall, provides good home security beyond just antimalware programs.
you can block ips from various locations based off of whether the ip is attempting to connect to your network or your network is connecting to it.
This is a good time to talk about splunk......
Security brehs, if your company uses splunk, find a way to learn it.
My pfsense logs go to splunk, which is a tool that allows you to take large amounts of data and alter it for your individual use case.
Like excel but far easier to user and far more at scale.
I ingest my Snort logs into splunk along with pfsense native firewall logs and other systems logs
index them, accelerate them, I have a few dashboards for investigations and searches to find niche events.
I am still wrangling with security onion as I installed the iso the other day and have had the time to tinker with it too much
east
Screwed up... till tha casket drops!!
does the coli have a homelab thread?
pretty much every niche ass money sink hobby of mine seems to have one, i love this forum
pretty much every niche ass money sink hobby of mine seems to have one, i love this forum