From The Bottom of Information Technology
Recently I had the opportunity to take the PWK course offered by Offensive Security. Given how helpful the community has been during my journey, I felt it was my duty to provide a helpful write-up for all those pursuing the OSCP. The most useful questions I enjoyed reading were: What experience did you have before …
A well defended network and properly trained security professional has many opportunities of detecting and stopping malicious actors. Each layer of activity found in the Mitre ATT&CK Matrix is a chance for the malicious actor to trip an alarm. A malicious cyber attack only needs to be detected and stopped in one of the stages …
The industry skill base is shifting towards a new idea of enterprise IT, but are we still thinking “Old IT”? Organizations are moving to the cloud with a traditional IT mindset, and its costing more than it should. Moving to the cloud, in general, has lots of immediate benefits including scalability, availability, and automating tasks …
I recently sat for the Comptia CySA+ exam, and was pleasantly surprised at the technical material covered. What is it? Comptia started offering a new certification in June of 2017 that focuses on Blue Team/defensive information security and incident response. The CySA+ was recently recognized by the DOD to cover the Cyber Security Provider (CSSP) …
I recently passed the examination in March 2018. This entire experience has helped me understand security at a foundation level, and I expect this knowledge to greatly benefit my career. The CISSP or Certified Information Systems Security Professional is an information security certification that has had many mixed opinions in the security community. This mixed …