Forum Topic

TPC Information Technology Security Thread (Un-official)

  • @songerph

    Salamat sir, tama ka explore ko na lang parehas. Sa ngayon kasi forencics pa lang pwede ko mag job shadow pero try ko explore parehas para matutunan. Sa ngayon nalilito ako kung sa technical or non-technical side ako pupunta since parehas sila wala ako alam and at the same time parehas din sila interesting. Salamat sa explanation sir, na-enlighten ako. :)

    Thanks din pala sa secuirty setup ng rig mo, naka AVG lang kasi ako at Malwarebytes, iniisip ko baka meron kayo mas maganda at mas secured. Although nasa user pa din naman nakasalaylay ang lahat. Additional security layer lang pag nag browse mga bata pati si Thanos.. i mean si wifey eheh.
  • Good morning. Tanong ko lang ulit, out of curiousity lang din. Anong role or position alam niyo sa technical side ng infosec ang matataas ang sweldo?
  • ^ VAPT role maybe?
  • Nakita ko lang, baka makatulong.

    how to start in infosec -> <click here for link>
  • VAPT, SOC. Mataas ang sweldo basta magaling ka hehe
  • Mabigat masyado VAPT eheh. Ano yung mga example roles sa SOC na malaki bayad? ... the reason why I ask, kasi na curious ako kasi napansin ko sa Infosec team namin wala masyado nag update ng position title sa mga email signature. Madalas nakalagay lang is Security Professional pero naka indicate naman yung mga cert after ng name nila like CISM and CPP, CISA. Siguro hindi pa naman late sakin mag start sa technical side ano? as in ngayon pa lang ako mag explore, baka start ako forensics, tulong ako sa isang team namin.
  • You won't know until you try it. Kung may opportunity na tumulong and learn from it, go ahead. Tsaka mo malalaman kung para sayo yan later hehe

    Regarding SOC, try reading descriptions dito:
    https://www.sans.org/reading-room/whitepapers/analyst/building-world-class-security-operations-center-roadmap-35907
    page 4
  • Ahh eto pala yung mga SOC, okay itong binigay mo na link paps ah. Salamat !
  • Good on you sir. Aral lang. Since nasa web at network sec ka ngayon, I recommend scripting kahit paunti-unti. Python, Perl, Powershell, Javascript, etc.

    Noted on this Sir! Hindi ko pa alam saan ako maa-assign after ng training namin.

    ---
    Other than this community meron pa ba tayong iba? I mean mga kilalang information security professionals na pwedeng i-follow sa social media? Or mga events na pwedeng puntahan para maging updated sa infosec world?

    -- edited by kahel12 on May 08 2018, 10:46 AM
  • Or mga events na pwedeng puntahan para maging updated sa infosec world?


    rootcon
  • Rootcon.org
    September na sa tagaytay. Nasa 8k ang presyo.

    Hackthenorth.ph
    Sa north luzon

    May group din sa fb na Bug Bounty PH. Search foo nyo na lang.
  • ano kaya impact ng AI sa cybersecurity jobs? baka kaya na ng AI ung pagiging analyst?
  • tingin ko walang impact, for now.
  • ano kaya impact ng AI sa cybersecurity jobs? baka kaya na ng AI ung pagiging analyst?

    Hmm sa ngayon ginagamit ang AI sa cyberthreat and malware detection. Mas nasa defensive side siya ng infosec.

    Check out nyo yung Darktrace. https://www.darktrace.com/
  • Cyber Attack Maps

    Not really accurate pero interesting.

    https://www.fireeye.com/cyber-map/threat-map.html.html

    https://cybermap.kaspersky.com/

    https://threatmap.checkpoint.com/ThreatPortal/livemap.html
  • Hmm sa ngayon ginagamit ang AI sa cyberthreat and malware detection


    So mababawasan ang need sa human cybersec analyst?
  • Cyber Attack Maps

    Not really accurate pero interesting.

    https://www.fireeye.com/cyber-map/threat-map.html.html

    https://cybermap.kaspersky.com/

    https://threatmap.checkpoint.com/ThreatPortal/livemap.html


    Nice! may iba pa palang threat-map.
    Contribute ko na rin yung alam ko.
    http://map.norsecorp.com/
  • Guys, anong training or certification pwede i-pursue ng mga taong nasa data security and privacy role? tska ano tingin niyo career path nito? just need insights especially sa mga may kilala nag progress dito. :)
  • <click here for link>

    Eto career path road map, although comptia sya, may iba pa rin certifying body. For me, I haven't attended comptia class so no comment. Pero ang SANS/Giac quality talaga kasi US military kadalasan Trainor. Mahal nga lang kahit web live cast. Interesting din Google certs for anyone pursuing cloud tracks.

    Nga pala, yung cissp boot camp na naattendan ko sa mandaluyong. I would not recommend, sayang lang pera. Dapat self study tlga kaya naman kasi.
  • mga sir meron kasi kaming fortigate 60E gusto ko syang pag aralan ano ba dapat yung mga dapat kong aralin dito yung usually na ginagamit? thanks
  • mga sir meron kasi kaming fortigate 60E gusto ko syang pag aralan ano ba dapat yung mga dapat kong aralin dito yung usually na ginagamit? thank


    unahin mo basahin ung manual cover to cover.
  • *Free training and certification currently avaliable for April and May *

    1. Microsoft - Azure certification
    https://lnkd.in/g4E6FfJ

    2. AWS - All AWS technology
    https://lnkd.in/fkcMAKg

    3. IBM - All IBM technology
    https://lnkd.in/gR4zq2W

    4. Oracle University - Cloud Infrastructure and Autonomous Database
    https://lnkd.in/fVBv9KT

    5. Fortinet - NSE1 and NSE2
    https://lnkd.in/gH7SCE9

    6. Palo Alto - Networks
    https://lnkd.in/gfj9f6h

    7. Cisco - Cyber Security
    https://lnkd.in/gwZBBPJ

    8. Qualysguard - Vulnerabilty management
    https://lnkd.in/fMHuKc4

    9. Nessus - Vulnerabilty management
    https://lnkd.in/gEvcJeh

    10. SAN's - cyber security
    https://lnkd.in/gexceQz

    11. Homeland security - ICS Security
    https://lnkd.in/g7G4Ebh

    12. Coursera - Cloud courses
    https://lnkd.in/fTCXqFm

    13. Pluralsight - All Training
    https://lnkd.in/djPvKDe

    14. Sololearn - All Training
    https://lnkd.in/fYHT27z
  • good morning mga sir, need your advise and suggestion... im 41yrs old graduate of 2yrs programming sad to say hindi ko nagamit ung pina-aralan ko in other words nagtrabaho agad-agad kahit hindi tugma sa kurso ko... ngayon gusto ko sanang i-pursue at willing naman mag-invest when in terms of seminars and trainings, gusto ko sanang magakapag trabaho bilang Cyber Security kung yan ba ung position name hindi ko alam. eto po ung mga katanungan ko:

    1. masyado na bang late para sa edad ko?
    2. anong programming languge ang need pag-aralan?
    3. anong path ung dapat kong sundan?
    4. mas ok ba kung mag-Network Security Admin muna o pwede ng mag-rekta sa Cyber Security?
    5. ano-anong mga trainings, seminars at certification ung kailangan (in order)

    TIA
  • Since may background ka sa programming, suggestion ko is Application Security. Karamihan ng technologies ay browser-based.

    Ito read mo sir, simpleng primer on appsec. https://www.microfocus.com/en-us/what-is/application-security

    Web application security and mobile security ang pwede mong puntahan.

    A more detailed primer. https://www.imperva.com/learn/application-security/application-security/

    Ang basic na pwede mong isipin ay, "mag-hack ng website"
  • Sa Cyber Security field din ako nagwowork, offense side: pen test, red team.

    For me, pili ka ng side na gusto mo: defense (blue) or offense (red). then build mo track mo don.

    Wala ako masyago mabigay na opinion sa blue team side pero tingin ko mas marami trainings at resources don kasi by the book sila usually. More on sysad yung entry level, dapat alam mo kung pano yung baseline security ng assets para matrace mo yung galaw ng red team. then yung next level na eh yung forensics, threat hunting, etc. may mga certification din mga to.

    Sa red team naman, usually nagsisimular sa pen test. Application Security tulad ng sabi ni songerph specifically web apps at web services. Yung pinakacommon na guide eh https://owasp.org/www-project-web-security-testing-guide/.

    Specific kasi yung pen test, so maraming guides depende sa itetest mo, meron mobile apps, desktop apps, iot, network, etc.

    Yung red team naman eh halo halo na yan, tapos papasukan na ng threat intelligence. ang madalas na gamit eh https://attack.mitre.org/

    yung mga magagandang certification providers dito eh Offensice Security at CREST. kung nag sisimula ka pa lang eh try mo hackthebox at vulnhub. pwede mo training ground yan bago yung certifications.

    Madalas mas mahirap resources sa offense side kasi yung effective eh yung hindi by the book. pero syempre sa corporate scenario eh madalas follow mo yung guide eh enough na for compliance requirements.

    -- edited by harin on Aug 06 2020, 02:45 PM
  • Regarding certifications and trainings, kung ikaw ang magbabayad suggestion ko ay yung "specific" ang kunin mo. Example, Active Directory Administration, Linux Administration, Programming in ganitong language, Building Responsive websites, etc. Better master the fundamentals.

    Yung mga security certs para sakin sayang sa pera pero pogi sa resume. Certified SANS/GIAC ako pero bayad ng company hehe. I would rather hire someone na nagbu-bug bounty na walang certification or yung nagbubuild ng sariling network/server setup sa bahay.

    Start with the web tulad nung sabi namin ni sir harin sa taas. Basahin mo OWASP. Then sign up ka sa bug bounty platforms like Hackerone and Bugcrowd.

    For me, pili ka ng side na gusto mo: defense (red) or offense (blue). then build mo track mo don.

    Baliktad kulay sir hehe

    Kung curious ka sa ibang fields, search mo lang. start with SOC, defensive. bantay bahay. Sinubukan ko to pero tinamad ako haha
    https://www.mcafee.com/enterprise/en-us/security-awareness/operations/what-is-soc.html
  • @songerph, haha tama baliktad pala nalagay ko... edited.

    -- edited by harin on Aug 06 2020, 02:46 PM