Forum Topic

TPC Information Technology Security Thread (Un-official)

  • Security Certification Roadmap
    https://pauljerimy.com/security-certification-roadmap/

    Ito pinakamaganda na nakita ko. Mukhang updated naman siya (nakasulat sa lower right). May prices din kasama hehe.
  • ^ ok nga to. pero sa pentester eh OSCP above yung nakikita ko na preferred ng mga recruiters at companies dito sa AU. usually minimum eh OSCP para maconsider ka.
  • ^ ok nga to. pero sa pentester eh OSCP above yung nakikita ko na preferred ng mga recruiters at companies dito sa AU. usually minimum eh OSCP para maconsider ka.

    yep. that is for experienced not for beginners. kita rin dito sa roadmap. usually kasi ang pentester work ay experienced talaga haha. kasi yung talaga ang need. rare ang company na maghahanap ng nagsisimula pa lang. swerte ka kung makahanap ka ng company na ganun.
  • yep. that is for experienced not for beginners. kita rin dito sa roadmap. usually kasi ang pentester work ay experienced talaga haha. kasi yung talaga ang need. rare ang company na maghahanap ng nagsisimula pa lang. swerte ka kung makahanap ka ng company na ganun.


    Mga big 4 auditing firms eh madalas naghahanap ng junior testers. certification usually ang basihan nila. madalas OSCP.
  • copy paste din lang yan sa ibang postings haha

    Mga big 4 auditing firms

    i used to hire fresh grads for an auditing firm na interesado talaga sa infosec. As an interviewer, just ask the right questions.

    Pro tip: Apply lang regardless of the insane job descriptions lol. Marami na pala ngayon accepting fresh grads or beginners. Local banks, audit firms, telco, tech companies with infosec teams, etc.
  • Pro tip: Apply lang regardless of the insane job descriptions lol


    This. haha. minsan kala mo kung ano ano na ginawa ng mga tao sa loob pero pag nakapasok ka na eh d naman pala ganon hehe
  • sobrang scarce ng resources kasi, kahit sa SOC ka, fresh grad pasok agad.
  • This. haha. minsan kala mo kung ano ano na ginawa ng mga tao sa loob pero pag nakapasok ka na eh d naman pala ganon hehe

    problem ito sa local companies. nakakatakot ang job description hahaha. parang lahat ng bagay gagawin mo.

    sobrang scarce ng resources kasi, kahit sa SOC ka, fresh grad pasok agad.

    dumami na ang infosec requirements pero mabagal ang pagkuha ng tao kasi hindi priority or nagtitipid. sabi nga ng iba, infosec ay taga-approve lang daw haha
  • hi, saan makakakuha ng oscp training/cert for free? sharing my blog <click here for link>
    goal ko maging part ng red team

    -- edited by domotico on Aug 12 2022, 05:35 PM
  • wala pong libreng OSCP.

    ito po ang prices.
    https://www.offensive-security.com/pwk-oscp/

    pag-ipunan mo na lang.
    OR
    kung nagwowork ka, pabayaran mo sa company.
  • hi, papano maprevent yung attack na pinapabagal nila internet sa wireles router? kase nangyayari sa akin, bumabagal pero pag ilipat ko sa ibang location yung router, bumabalik sa dati, iniscan using airmon-ng normal naman pati sa commview, titignan ko sa speed nya sa globe daw mabagal kase nakikita ko sa download speed, papano madedetect kaya na may umaatake sa wifi router? yung globe home prepaid wifi gamit ko
  • Gaano kalayo paglipat mo ng location?
  • mga 3m lang, tuwing ilipat ko nagiging normal signal, maraming beses na nangyari na ganun eh kaya suspetsa ko, may nang hijack ng router tapos itong mga nakaraang araw nahihirapan na ako makalogin sa portal nung router, maski access wala at mabagal ang internet, nung inilipat ko kahapon naging normal na, pati last week nung namalengke ako pagdating ko naiba na default ng search engine ng chrome ko tapos yung isa kong pc, may popup screen na lumabas pagkaopen ko, nabypass nila password sa windows

    -- edited by domotico on Aug 16 2022, 02:25 AM
  • baka na-malware ka
  • kaka update ko ng windows defender, maganda yung windows defender eh, matanong ko na rin, pag ba nagupdate ako ng windows defender, automatic na ma deactivate yung metered connection sa wifi, ganun nangyari sa dalawa ko na pc, kaya yung homesurf199 naubos 2 days lang, imposible na mamalware, bukod kase dun madami talaga adik dito sa lugar, magnanakaw 3 days na nga ulet ako nilolooban madami na nanakaw, minsan napagtripan yung gas, muntik na ako nasunugan, angkan ng mga baliw sila
  • 98% probality aatke ulet mamaya, pm me if interested kayo na mahuli yung adik ano kaya maganda trap para mapatay yung baboy? paano b i-lectrify yung binta? may exhaust pa yun, sa 220v ac mamamatay?

    -- edited by domotico on Aug 16 2022, 09:57 PM
  • pumasok na naman kagabi pinutulan ng ulo yung halaman na katabi nung ninananakaw nila na halaman tapos nag buga ulet sila ng gasolina ngayong umaga
  • Some infosec roadmaps to look at and consider when planning your career.

    https://pauljerimy.com/security-certification-roadmap/

    https://pauljerimy.com/it-career-roadmap/
  • meron na ba nakapag shift dito from soft. dev.?
  • meron na ba nakapag shift dito from soft. dev.?

    i know some pips. sila pinakamagaling sa application security haha.
  • Up for this thread.
  • hello sa mga security peeps! kaway kaway. active pa rin hiring ng security, medyo mabagal lang pag project related.
  • pa share ng hiring :-)
  • FREE Cybersecurity Training! Now for a Limited Time
    As part of our commitment to help close the workforce gap, our new global initiative, One Million Certified in Cybersecurity, is offering free Certified in Cybersecurity (CC) Online Self-Paced Training and exams to the first million people entering the field for the first time.

    https://www.isc2.org/Certifications/CC?filter=featured&searchRoot=A82B5ABE5FF04271998AE8A4B5D7DEFD
  • FREE Cybersecurity Training! Now for a Limited Time
    As part of our commitment to help close the workforce gap, our new global initiative, One Million Certified in Cybersecurity, is offering free Certified in Cybersecurity (CC) Online Self-Paced Training and exams to the first million people entering the field for the first time.

    https://www.isc2.org/Certifications/CC?filter=featured&searchRoot=A82B5ABE5FF04271998AE8A4B5D7DEFD

    okay to na intro to infosec. may cert ka pa from isc2. KAYA LANG may usd $50 Annual Maintenance Fee (AMF) upon passing the certification exam hehe. ginawa ko lang yung FREE self-paced training para makuha yung pdf materials haha. pero di nako nag-exam.
  • hello sa mga security peeps! kaway kaway. active pa rin hiring ng security, medyo mabagal lang pag project related.

    pa share ng hiring :-)

    marami po sa linkedin, foundit, jobstreet, kalibrr, indeed, etc

    refine mo lang search keywords like: security analyst, infosec, pentester, cybersec, security engineer, etc
  • Sa mga non-technical pips na gusto mag-infosec, check this out. Hindi lang puro pentest haha. This is a great parallel skill to invest in. Marami rin work dito like sa banks. Laki rin sahod hehe.

    What Is GRC (Governance, Risk, and Compliance)?
    https://www.oceg.org/ideas/what-is-grc/