Information Security



Information Security—also called Cybersecurity—is arguably the most interesting profession on the planet. It requires some combination of the attacker mentality, a defensive mindset, and the ability to constantly adapt to change. This is why it commands some of the highest salaries in the world.



InfoSec is such a big field, however, that it’s useful to break it up into sections. I’ve done this over the 20 years that I’ve been writing about security, and here are some of the topics you might find interesting.





Sales and marketing teams often conflate these definitions, leading to confusion in the industry.




Offensive Testing: When to Use Different Types of Security Assessments; The Difference Between Pentesting and Red Teaming; The Difference Between Threats, Threat Actors, Vulnerabilities, and Risks; The Difference Between Events, Alerts, and Incidents; Security Assessment Types





Security Tools: Shodan, Masscan, Nmap, Tcpdump, Lsof, iptables




My cybersecurity career guide takes you step by step through the process of building a security career.




Building a Security Career: Building a Career in Cybersecurity, Information Security Interview Questions, Cybersecurity Lacks Entry-level Positions





Security Philosophy: Secrecy is a Valid Security Layer





Security Concepts: Encryption vs. Encoding vs. Hashing, Information Security Definitions




Attack


Security Assessment Types

The Difference Between a Vulnerability Assessment and a Penetration Test

The Difference Between Red, Blue, and Purple Teams

A Masscan Tutorial

A Bettercap Tutorial

How to Use Shodan

When to Use Vulnerability Assessments, Pentesting, Red Team Assessments, and Bug Bounties

Purple Team Pentests Mean You’re Failing at Red and Blue

An nmap Primer




Defense


Obscurity is a Valid Security Layer

An iptables Primer

The Difference Between Events, Alerts, and Incidents

Information Security Metrics

Same Origin Policy Explained

Serialization Bugs Explained

A Security-focused HTTP Primer

Vulnerability Database Resources




Assorted


My Information Security Blog Posts

Information Security Definitions

The Difference Between Threats, Vulnerabilities, and Risks

How to Build a Successful Information Security Career

The Birthday Attack

Information Security Interview Questions

Encoding vs. Encryption vs. Hashing

Diffie-Hellman Explained

The Difference Between the Internet, the Deep Web, and the Dark Web







Published on February 04, 2019 21:24


Daniel Miessler's Blog

Daniel Miessler