Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Prepare Yourself to Become Infosec Professional

9,841 views

Published on

Prepare Yourself to Become Information Security Professional.

Published in: Career
  • Be the first to comment

Prepare Yourself to Become Infosec Professional

  1. 1. PREPAREYOURSELF TOBECOMEINFOSECPROFESSIONAL Presented by M. Syarifudin, ST, OSCP, OSWP Bandung, Jul 28 2016 Stadium General Course Telkom University 1
  2. 2. Who is M. SYARIFUDIN ? • Former Lecturer and Assistant Manager • OSCP & OSWP Certified • Information Security Trainer and Researcher • Official Indonesian Kali Linux Translator • Homepage : http://fl3x.us 2
  3. 3. LET’S TALK ABOUT… • Information Security • What Should be Prepared to become Infosec Professional 3
  4. 4. INFORMATION SECURITY OVERVIEW • The practice of defending information from (un)authorised access, (mis)use, disclosure, disruption, modification, or destruction 4 Confidentiality Integrity Availability source:wikipedia
  5. 5. WHY INFORMATION SECURITY NEEDED ? • Information is very important asset • Impact to the Business 5 People Technology System
  6. 6. SOME CASES 6 Referral System Vulnerability
  7. 7. SOME BREACHES 7 Source : https://haveibeenpwned.com
  8. 8. SOME CYBER ATTACKS 8 Source : http://www.thejakartapost.com/
  9. 9. SOME CYBER ATTACKS 9 Source : http://www.bbc.com/news/uk-36239805
  10. 10. 10 Infosec Pro are always needed
  11. 11. INFOSEC PRO JOBS • Penetration Tester / Ethical Hacker • Information Security Consultant • Security Engineer • Information Security Specialist 11
  12. 12. INFOSEC PRO JOBS • Information Security Manager • Chief Information Security Officer • Information Security Trainer • etc 12
  13. 13. SAMPLE SALARY ( PENTESTER ) 13 Source:http://www.payscale.com/research/US/Job=Penetration_Tester/Salary
  14. 14. SAMPLE SALARY ( PENTESTER ) 14 77K USD per year -> 6.4K USD per month = Rp 84.000.000 per month
  15. 15. WHAT SHOULD BE PREPARED ? • Have the Passion & Good Mental • More focus on these Subjects : • Operating System • Computer Network and Security • Cryptography, and Programming 15
  16. 16. WHAT SHOULD BE PREPARED ? • Join to the Laboratory • Join to the Infosec Community • Decide your Interest • Taking the Infosec Courses and Certifications 16
  17. 17. SOME INFOSEC CERTIFICATIONS 17 More info: https://www.offensive-security.com/information-security-certifications/
  18. 18. SOME INFOSEC CERTIFICATIONS 18 More info: http://www.giac.org/certifications/categories
  19. 19. SOME INFOSEC CERTIFICATIONS 19 More info: http://www.isaca.org/ More info: https://www.isc2.org/
  20. 20. 20 Which one of your interest ?
  21. 21. What is PenTest ? 21 Real Attacks The Target Gain Access Application NetworkSystem
  22. 22. Why Do a PenTest ? 22 $$$$$ Security Program Protecting Infrastructure Prevent Data Breaches Penetration Test
  23. 23. About PenTest 23 Compromise IT System Security Find SecurityVulnerabilitiesMust Have a Permission Be Creative Exploit the SecurityVuln. Bypass Security MechanismThink like an Attacker
  24. 24. Penetration Testing Execution Standard 24 Intelligence GatheringPre-engagement Threat ModellingVulnerability Analysis Exploitation Post Exploitation Reporting http://www.pentest-standard.org
  25. 25. PENTEST DEMO 25 Let’s Hack the Target ;)
  26. 26. ThankYou Any Question ? “Contact Me” on http://fl3x.us 26

×