Justin Hall is Director – Security Services for CBTS. In the last post of this 3-part series, Justin discusses ways to learn the tools used by security practitioners. In Part 1, Justin discussed the process of developing a background in enterprise IT. Part 2 focused on how to better understand the “attacker mindset.”
An understanding of the purpose and operation of commonly used security tools not only gives you practical capabilities, but helps to shape that mindset we discussed last time – the attacker’s goals and how they plan to technically accomplish them.
It’s a common theme in security to cut the industry in half and call one side “offense” and one side “defense.” Offense is the practice of compromising a network, while defense is about protecting a network against those efforts.
Every time I speak to a group of students looking to get into the security industry and I ask what excites them about the field, invariably a few of the students respond: “We wanna hack things for a living!” I can’t say I blame them. It’s certainly been one of the more entertaining elements of my career. In that vein, many folks assume that learning the tools used by security practitioners means only the offensive tools.
Learning offensive tools is rewarding on many levels: gaining practical experience, solving problems when the tools don’t work as expected, and exposing your brain to the approaches taken by an attacker. Probably the most common path is to grab a collection of tools in a package like Kali Linux (built around penetration testing) or SamuraiWTF (built around web application testing) … but then what next? We recommend trying some “capture the flag” (CTF) exercises where you can actually attempt common goal-based attacks in a safe environment. You can also participate in live CTF competitions at security conferences. You might also play around with virtual machines and applications that are built solely to practice offensive techniques.
Defensive tools might not be as exciting, but are equally valuable from a learning and career preparation perspective. As they’re typically commercially sold products, we recommend grabbing free versions of some of the more popular tools, such as:
Security practitioners don’t just use tools that are designed for security work. It is just as important to learn the role played by common applications that IT professionals sit with every day. Some examples:
I’ll put down the firehose for now and encourage you to start anywhere in this list of topics. Any and all of them will help get you moving in your journey to a security career, and each builds on the other components as well as your existing knowledge. We’re looking forward to having you. Good luck!