Ask HN: Resources to Start as a Cyber Security Professional

17 points by dirtylowprofile ↗ HN
I would like to explore and start my career as a Cyber Security Professional but as I dig online the resources are kinda old.

What books do you recommend for beginners? What are the topics to be focused on? Malware? Pen Testing? Basic TCP/IP?

13 comments

[ 3.7 ms ] story [ 36.1 ms ] thread
The really serious way:

Go to Carnegie Mellon. While getting a BS in CS, be active in a student group called Plaid Parliament of Pwning. Finally, send me some sort of resume.

putting aside CMU (a lot of people wouldn't be able to get into it), what would you recommend for someone getting a Software Engineering degree to get into low level security ?
Pick a school that uses a low-level language. C is great. Java, Python, Javascript, and Scheme are all bad.

Take the courses that involve writing compilers and operating systems.

Do a project that involves writing an emulator, perhaps for one of the things DD-WRT runs on. You could start from MAME or Qemu, or do the whole thing from nothing.

Write a boot sector for the demo scene. For example, recently somebody wrote a PAC-MAN clone to run in 512 bytes.

Solve a DEFCON CTF problem. They are difficult puzzles, so try several. Learn to use Ghidra (free) or a similar tool. Freeware and demo versions are available for IDA Pro, Hopper Disassembler, and Binary Ninja.

Thank you very much for taking the time to reply on my question.

I'd love to hear about more lowlevel security projects I can do, as I feel that would help me learn the most.

Depends on what you want to do. If you are good with people, I suggest Information Assurance. It's basically consulting combined with cyber security. Most SMEs only require advice on basic network security, password management, how to avoid phishing attacks, social engineering attacks and ransomware, how to handle crises after being hacked etc. Checklists will get you a long way. Leave the reverse engineering of malware etc. to people with more interest and time. It is a more narrow field, takes a lot of additional effort and requires a fair bit of talent. If you are just going into cybersecurity for money, stick with IA. I know this is not a popular opinion on HN, but your average SME won't be able to do information security properly (remember, your average consumer believes in using an anti-virus to clean out a infected machine, when the correct thing to do is a complete wipe and reinstallation). Easier get them to offload most of their productivity tools to SaaSes and buy plenty of insurance than try to force FANG-level access control protocols on them.
If you are looking for technical resources for internet security, books by Zalewski are pretty good for a conceptual understanding. (Silence on the Wire and The Tangled Web)
> Leave the reverse engineering of malware etc. to people with more interest and time.

...

> (remember, your average consumer believes in using an anti-virus to clean out a infected machine, when the correct thing to do is a complete wipe and reinstallation). Easier get them to offload most of their productivity tools to SaaSes and buy plenty of insurance than try to force FANG-level access control protocols on them.

this is a very bad advice.

Not really, do you honestly want people to be hosting their own email servers? Stuff like networked filesystems and NAS over VPN requires a tremendous amount of work to properly secure. Better give the money to a *aas company than to waste it on incompetent IT departments. Especially since a lot of companies consider IT to be a cost center instead of a source of value. Idealism is nice and all but most companies won't care enough and data protection laws don't magically make the problem go away. More pragmatic to simply outsource security to more qualified technical companies instead of trying to do it yourself. Also, low level OS/assembly level domain knowledge isn't as useful for non-technical, SMEs. There's not much a company can do when you tell them their 30 year old in-house CAD software written in Fortran 77 parses file in an insecure way after fuzzing it. Their original programmer is long gone. They are not going to rewrite it anytime soon. Sticking it in a VM may be their best option. You are not there to engineer a malware to break their systems. You are their to tell them what's wrong and how to fix it in the cheapest way possible. Threats from phishing, ransomware, and poorly implemented BYOD policies are a lot more dangerous to most companies.