Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Getting Started in Information Security

2,709 views

Published on

This is the PowerPoint slides for the presentation I gave to the University of Houston's Cyber Security Club.

Published in: Technology
  • Be the first to comment

Getting Started in Information Security

  1. 1. Getting Started in InfoSec HOW TO BREAK INTO THE INFORMATION SECURITY INDUSTRY
  2. 2. Dennis Maldonado  UH Alumni – Computer Information Systems  Security Consultant @ KLC Consulting  Twitter: @DennisMald  Houston Locksport Co-Founder http://www.meetup.com/Houston-Locksport/  Blog - http://kernelmeltdown.org/blog/
  3. 3. What is Information Security  Protecting information assets from unauthorized access, modification, disruption, or any other unwanted behavior  Becoming a bigger role in daily life  Applies to everyone
  4. 4. Categories of Information Security  Network Security  Application Security  Web  Thick-Client  Mobile Security  Infrastructure Security  Physical Security  Social/People Security
  5. 5. High Level Roles  Defense (Blue Team)  Intrusion Detection  Incident Response  Malware Analysis  Offense (Red Team)  Penetration Testing  Vulnerability Assessments  Phishing Campaigns
  6. 6. Information Security Community  The people involved in Information Security  Work for many different companies  Collaborate  Network  Share information  Educate
  7. 7. How do I get involved? MEDIA
  8. 8. News  Internet Storm Center  US-CERT  Wired  ZDNet  /r/netsec
  9. 9. Blogs  Krebs on Security  Google Online Security  Naked Security  Daniel Miessler
  10. 10. Podcasts  Security Weekly  TrustedSec Podcast  Defensive Security  The Social-Engineer Podcast
  11. 11. Books  Counter Hack Reloaded  The Tao of Network Security Monitoring: Beyond Intrusion Detection  Metasploit: The Penetration Tester's Guide  The Web Application Hacker's Handbook  The Mobile Application Hacker's Handbook  Android Hacker's Handbook
  12. 12. Mailing Lists  SecLists.org  Full Disclosure  BugTraq  Security Basics  Penetration Testing  Info Security News  Tools mailing lists  Local groups
  13. 13. Twitter  Create a twitter account  Follow people in the industry  Participate in discussions
  14. 14. INTERACTION
  15. 15. Networking  Talk with people  Don’t be afraid to ask questions  Keep in touch  LinkedIn
  16. 16. Conferences  DEF CON  Security Bsides  Derbycon  Local Conferences  Houston Security Conference  InfoSec South West (ISSW)  In the works…
  17. 17. Meetups and Events  Houston InfoSec  Houston Locksport  AHA – Austin Hackers Anonymous  HAHA! – Houston Area Hackers Anonymous
  18. 18. Give Presentations  Give talks at conferences  Volunteer to hold workshops  Share information  Educate others
  19. 19. PERSONAL IMPROVEMENT
  20. 20. Personal Lab  Virtual Machines  Kali Linux  Old hardware  Raspberry Pi  Arduino
  21. 21. Capture the Flag (CTF)  Online CTFs  Vulnhub  EnigmaGroup  Smash the Stack  OverTheWire  Conference CTFs  DEF CON  Derbycon  HouSecCon
  22. 22. Training  Offensive Security  Security Tube  eLearn Security  SANS
  23. 23. Certifications  CompTIA  A+  Network+  Security+  Offensive-Security  OSCP/OSCE  SANS  CISSP
  24. 24. Classes  Look into relevant electives  Take them seriously  Apply security to other classes
  25. 25. Passion and Enthusiasm  Start your own blog  Write about what you learn  Share the knowledge  Start your own meetups or clubs  Take people to conferences with you  Do what’s fun for you
  26. 26. Summary  News  Blogs  Podcasts  Books  Twitter  Mailing Lists  Networking  Conferences  Meetups/Events  Present  Lab  Capture the Flag  Training  Certifications  Passion!
  27. 27. Questions  DennisMald@gmail.com  Twitter - @DennisMald  IRC – Freenode.net  #HoustonHackers  PS: Houston Security Conference

×