Getting Started in InfoSec
HOW TO BREAK INTO THE INFORMATION SECURITY INDUSTRY

Dennis Maldonado
• UH Alumni – Computer Information Systems
• Security Consultant @ KLC Consulting
• Twitter: @DennisMald
• Houston Locksport Co-Founder: http://www.meetup.com/Houston-Locksport/
• Blog: http://kernelmeltdown.org/blog/

What is Information Security
• Protecting information assets from unauthorized access, modification, disruption, or any other unwanted behavior
• Playing a bigger role in daily life
• Applies to everyone

Categories of Information Security
• Network Security
• Application Security
  • Web
  • Thick-Client
• Mobile Security
• Infrastructure Security
• Physical Security
• Social/People Security

High Level Roles
• Defense (Blue Team)
  • Intrusion Detection
  • Incident Response
  • Malware Analysis
• Offense (Red Team)
  • Penetration Testing
  • Vulnerability Assessments
  • Phishing Campaigns

Information Security Community
• The people involved in Information Security
• Work for many different companies
• Collaborate
• Network
• Share information
• Educate

How do I get involved?
MEDIA

News
• Internet Storm Center
• US-CERT
• Wired
• ZDNet
• /r/netsec

Blogs
• Krebs on Security
• Google Online Security
• Naked Security
• Daniel Miessler

Podcasts
• Security Weekly
• TrustedSec Podcast
• Defensive Security
• The Social-Engineer Podcast

Books
• Counter Hack Reloaded
• The Tao of Network Security Monitoring: Beyond Intrusion Detection
• Metasploit: The Penetration Tester's Guide
• The Web Application Hacker's Handbook
• The Mobile Application Hacker's Handbook
• Android Hacker's Handbook

Mailing Lists
• SecLists.org
• Full Disclosure
• BugTraq
• Security Basics
• Penetration Testing
• Info Security News
• Tools mailing lists
• Local groups

Twitter
• Create a Twitter account
• Follow people in the industry
• Participate in discussions

INTERACTION

Networking
• Talk with people
• Don’t be afraid to ask questions
• Keep in touch
• LinkedIn

Conferences
• DEF CON
• Security BSides
• DerbyCon
• Local Conferences
• Houston Security Conference
• InfoSec South West (ISSW)
• In the works…

Meetups and Events
• Houston InfoSec
• Houston Locksport
• AHA – Austin Hackers Anonymous
• HAHA! – Houston Area Hackers Anonymous

Give Presentations
• Give talks at conferences
• Volunteer to hold workshops
• Share information
• Educate others

PERSONAL IMPROVEMENT

Personal Lab
• Virtual Machines
• Kali Linux
• Old hardware
• Raspberry Pi
• Arduino

Capture the Flag (CTF)
• Online CTFs
  • Vulnhub
  • EnigmaGroup
  • Smash the Stack
  • OverTheWire
• Conference CTFs
  • DEF CON
  • DerbyCon
  • HouSecCon

Training
• Offensive Security
• SecurityTube
• eLearnSecurity
• SANS

Certifications
• CompTIA
  • A+
  • Network+
  • Security+
• Offensive-Security
  • OSCP/OSCE
• SANS
• CISSP

Classes
• Look into relevant electives
• Take them seriously
• Apply security to other classes

Passion and Enthusiasm
• Start your own blog
• Write about what you learn
• Share the knowledge
• Start your own meetups or clubs
• Take people to conferences with you
• Do what’s fun for you

Summary
• News
• Blogs
• Podcasts
• Books
• Twitter
• Mailing Lists
• Networking
• Conferences
• Meetups/Events
• Present
• Lab
• Capture the Flag
• Training
• Certifications
• Passion!

Questions
• DennisMald@gmail.com
• Twitter - @DennisMald
• IRC – Freenode.net
• #HoustonHackers
• PS: Houston Security Conference