Upload
dennis-maldonado
View
2.061
Download
2
Embed Size (px)
Citation preview
Getting Started in InfoSecHOW TO BREAK INTO THE INFORMATION SECURITY INDUSTRY
Dennis Maldonado
UH Alumni – Computer Information Systems
Security Consultant @ KLC Consulting
Twitter: @DennisMald
Houston Locksport Co-Founderhttp://www.meetup.com/Houston-Locksport/
Blog - http://kernelmeltdown.org/blog/
What is Information Security
Protecting information assets from unauthorized access, modification, disruption, or any other unwanted behavior
Becoming a bigger role in daily life
Applies to everyone
Categories of Information Security
Network Security Application Security
Web Thick-Client
Mobile Security Infrastructure Security Physical Security Social/People Security
High Level Roles
Defense (Blue Team) Intrusion Detection Incident Response Malware Analysis
Offense (Red Team) Penetration Testing Vulnerability Assessments Phishing Campaigns
Information Security Community
The people involved in Information Security Work for many different companies Collaborate Network Share information Educate
How do I get involved?MEDIA
News
Internet Storm Center
US-CERT
Wired
ZDNet
/r/netsec
Blogs
Krebs on Security
Google Online Security
Naked Security
Daniel Miessler
Podcasts
Security Weekly
TrustedSec Podcast
Defensive Security
The Social-Engineer Podcast
Books
Counter Hack Reloaded
The Tao of Network Security Monitoring: Beyond Intrusion Detection
Metasploit: The Penetration Tester's Guide
The Web Application Hacker's Handbook
The Mobile Application Hacker's Handbook
Android Hacker's Handbook
Mailing Lists
SecLists.org Full Disclosure BugTraq Security Basics Penetration Testing Info Security News
Tools mailing lists Local groups
Create a twitter account
Follow people in the industry
Participate in discussions
INTERACTION
Networking
Talk with people
Don’t be afraid to ask questions
Keep in touch
Conferences
DEF CON
Security Bsides
Derbycon
Local Conferences
Houston Security Conference
InfoSec South West (ISSW)
In the works…
Meetups and Events
Houston InfoSec
Houston Locksport
AHA – Austin Hackers Anonymous
HAHA! – Houston Area Hackers Anonymous
Give Presentations
Give talks at conferences
Volunteer to hold workshops
Share information
Educate others
PERSONAL IMPROVEMENT
Personal Lab
Virtual Machines
Kali Linux
Old hardware
Raspberry Pi
Arduino
Capture the Flag (CTF)
Online CTFs Vulnhub EnigmaGroup Smash the Stack OverTheWire
Conference CTFs DEF CON Derbycon HouSecCon
Training
Offensive Security
Security Tube
eLearn Security
SANS
Certifications
CompTIA A+ Network+ Security+
Offensive-Security OSCP/OSCE
SANS CISSP
Classes
Look into relevant electives
Take them seriously
Apply security to other classes
Passion and Enthusiasm
Start your own blog Write about what you
learn
Share the knowledge
Start your own meetups or clubs
Take people to conferences with you
Do what’s fun for you
Summary
News Blogs Podcasts Books Twitter Mailing Lists Networking Conferences
Meetups/Events Present Lab Capture the Flag Training Certifications
Passion!
Questions
Twitter - @DennisMald
IRC – Freenode.net #HoustonHackers
PS: Houston Security Conference