This website aims to give an overview of modern security operations, including the opportunities and challenges the industry is facing. More importantly, this website serves beginner analysts seeking to know more.
Choosing A Path
Studying Like A Pro
Learning to study is one of the most important skills to have in the cybersecurity industry. As you chart your way through your career, you will need to build a skillset in different domains such as incident response, threat hunting, forensics, or penetration testing.
In order to do this successfully, you need to develop healthy study habits and a methodology for learning and retaining large amounts of information.
Exam indexing is the practice of working through courseware and compiling a comprehensive index of the topics and terms that reflect the core concepts of the material. The purpose of the index is to let you quickly reference material while studying or during an open-book exam, such as the GIAC exams.
The index can be as simple as an Excel spreadsheet with a couple of columns such as "Page", "Term", and "Description".
Curve of Forgetting
The Curve of Forgetting describes how we retain or lose information that we take in. It is based on a one-hour lecture.
The concept is simple. On day 1, you know 100% of what you learned, but as time goes on, if you have done nothing with that information, you will have lost 50-80% of it by day 2, and this continues until you eventually forget all of what you learned.
The curve illustrates that constant exposure to the learning material in small review sessions will make you retain that information over a long period of time. For example, spending 10 minutes on day 2, 5 minutes on day 3, and >5 minutes every day after that will train your mind to retain the information and keep the curve "active".
Reading, Reading, & More Reading
As the last section illustrated, it cannot be emphasized enough how important it is to develop good reading habits. Absorbing new information from books, blogs, or whitepapers on various cybersecurity topics not only expands your skillset but also equips you to further your career.
There are some must-read books in this industry, and I will list some below, in no particular order:
- Blue Team Handbook: SOC, SIEM, and Threat Hunting
- Blue Team Handbook: Incident Response Edition
- Operator Handbook: Red Team + OSINT + Blue Team Reference
- Intelligence-Driven Incident Response: Outwitting the Adversary
- Network Flow Analysis
- The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win
- The Visual Display of Quantitative Information
- Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses
- Windows Security Monitoring: Scenarios and Patterns
- Windows Internals, Part 1: System architecture, processes, threads, memory management, and more
Practice, Practice, & More Practice