Cybersecurity career

Hey guys, I regularly write articles and share posts from sites that I follow and find relevant. In the conversations I have with professional friends, the question that always comes up is:

"Where do I start studying to migrate to security?"

I decided to write about how I am pursuing my career as a Cybersecurity Analyst: what I have studied and what I am still studying. A premise I have always held in my IT life is "If I am going to study something, I will study it very well and with a theoretical foundation (books)". Below are some of the areas I studied that still help me today when I do a behavioral analysis of a possible infection, a pentest, a vulnerability exploitation, etc.

Networks 

I recommend that you study networking concepts: the most used protocols and ports, their details and weaknesses, and the main commands used when troubleshooting. And when I talk about testing networks, I'm not talking about using only the ping command.

Security Tools

When I talk about the basics, I'm not telling you to study every tool in the world, such as firewalls, WAF (Web Application Firewall), IPS (Intrusion Prevention System), IDS (Intrusion Detection System), web filters and application control. I am recommending that you build a good base in how these tools work. If you then change products, whether proprietary or open source, you will only have to adapt to the product's interface, because the operating concept is similar.

Hypervisors

This topic still has great relevance in my studies. You may ask yourself, "But why would I have to learn to operate hypervisors if I intend to work in cybersecurity?" Here comes the big insight that helped me evolve a lot: learning to work with hypervisors such as XenServer, Hyper-V, VMware, VirtualBox, XenProject, etc. contributes a lot when you need to build labs for study, simulate a vulnerability, or test certain malware to identify its behavior.

Operating Systems

In my opinion, one of the most important qualities that a cybersecurity professional must have is knowing how to operate the main operating systems used in the world very well, that is, Windows and Linux. I see many professionals who have spent a whole career on a single OS and today find it difficult to learn a new one, or even resist doing so. The great thing about getting a good understanding of each system is that you will never have difficulties when you need to validate vulnerabilities, do hardening, run a pentest or carry out other activities.

I recommend studying the following Microsoft versions:

  • Windows 7 to 10 (Desktop) 
  • Windows 2008, 2012, 2016 (Server)

As for Linux, even though there are several distributions, I recommend studying the main ones, since the others are derived from them:

  • Debian (my favorite)
  • Ubuntu
  • Red Hat
  • CentOS (community version of Red Hat)
  • SUSE
  • openSUSE
  • Kali (Focused on Security)
  • Parrot (Focused on Security)

When you build a good foundation on these distributions, the others are easier to operate on a daily basis.

Security Concepts

This is the part where, in my opinion, many professionals who sign as Cybersecurity Analyst on LinkedIn go wrong: they are what I call security professionals who only operate tools and do not know a single point of the theoretical concepts of the area. Once, during a chat with a security professional, I asked how to prevent SQL Injection attacks on their company's applications, and I heard the following answer: "I monitor requests, and when I see a significant increase in requests I block the origin for a while".

A tip I always give to people who ask me for guidance is not to be a script kiddie, that is, someone who only knows how to run scripts or grab them ready-made from the internet and has no idea what the tool or script does. Today the market is already full of professionals, so I suggest you study, do not give up at the first difficulties, persevere, research, and participate in forums and groups. Believe me, proposing to share knowledge enriches learning a lot. One of the characteristics that attracts me to the world of Free Software is this spirit of sharing and helping others.

Study English

Studying English is fundamental nowadays: most IT tool manufacturers have their specialized support outside Brazil, and they only speak English or Spanish.

Books

But let's go to some books, articles and forums that helped, and still help, me develop my knowledge to work in cybersecurity.

  • Foca Guide - https://guiafoca.org/ (Fundamental)
  • Linux Pro Collection - LPI-1 Certification 101-102
  • Linux Pro Collection - LPI-2 Certification 201-202
  • Linux System Administrator's Guide
  • Linux - Fundamentals
  • Regular Expressions: A Fun Approach
  • CCNA 5.0 - Complete Study Guide (today it is already at version 6.0)
  • Security+ Certification: From Practice to Exam SY0-501
  • Cybersecurity Analyst Certification (CySA+): Preparatory Guide for the CompTIA CS0-001 Exam
  • CompTIA Cybersecurity Analyst (CSA+) Study Guide CS0-001
  • CompTIA PenTest+ PT0-001 Cert Guide
  • CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, 2nd Edition

Some Security Tools to study:

  • Firewall
  • Antispam
  • Web Application Firewall
  • Intrusion Prevention System
  • Intrusion Detection System
  • Proxy
  • Web Filter
  • Data Loss Prevention
  • Password Vault
  • Security Information and Event Management
  • Cloud Access Security Broker (CASBs)
  • Kali / Parrot Linux

Marcos Vinicios Penha

A Cybersecurity Leader Combining Hands-On and Managerial Skills To Solve Digital Challenges.

4 years ago

Good, keep going buddy.

Evandro Polese

Managing Partner | Industrial IT | Industrial Automation

4 years ago

Congratulations, Zoziel!!!

Jance Luiz

Information Security Coordinator / Consultant / Analyst

4 years ago

My friend...... Congratulations on another excellent article. Thank you very much for sharing your knowledge.

Hi Zoziel Freire, this is one more excellent article that you contributed to the community. I am sharing it with my connections.
