5 answers
What software should I be familiar with in order to pursue a Cyber Security/Network Security/Information Security career?
#information-technology #computer-engineering #cyber-security #computer-software
Mikael’s Answer
I recommend getting familiar with these first, as they are widely used in the security industry, and cover a lot of ground:
- nmap
- Burp Suite
- metasploit
Other than that, it's a good idea to start looking into the Kali Linux toolbox, which includes many of the (free) tools commonly used in the industry, including the 3 listed above.
Wayne Archibald
Cybersecurity Associate Director here to share knowledge!
Annapolis Junction, Maryland
Wayne’s Answer
Hi Jacob,
For a career in Cyber Security/Network Security/Information Security, I would recommend any of these languages:
Python
Javascript
Java
C++
Golang
C#
R
PHP
Swift
SQL
Good luck!
Phillip’s Answer
It really depends on what cybersecurity path(s) are taken. The tools mentioned by the other professionals here are good suggestions for tools to learn. Network security would involve tools such as Wireshark (a must), Aircrack, Snort, firewalls, etc. DevSecOps may require tools such as Nessus or Splunk. Web security would rely on tools such as Burp Suite. In terms of infrastructure security, there's a shift from on-premise to cloud-based services. It may be a good idea to look into cloud-based security tools such as Azure Sentinel or a SIEM (Security Information Event Management) such as one offered by Rapid7.
Dan’s Answer
It’s easy to get caught up in learning security tools but unless you have a solid understanding of the technologies you are securing you won’t know why you are choosing the tools that you are. I would recommend spending some time standing up a web server and a simple web application. Examine the logs and configuration, configure SSL/TLS, etc. Do the same thing with email. Then start examining tools that you can use to harden those systems. For instance, can I find a way to block someone who is routinely scanning my email server with Nmap? Can I determine which Nmap scan was run against my web server? What does Burp Suite look like when it spiders my website?
It’s easy to become fixed on security tools, but being a good technologist first will make you more well rounded than someone that fixates on security tools.
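As a starting point for the log exercise Dan describes (an added example, not part of Dan's answer), the script below reads web server access-log lines and reports which source addresses show traces of Nmap in its default configuration, and which kind of probe left them. It assumes the Apache/nginx "combined" log format; the log lines and addresses are constructed samples, and the indicator labels are names chosen for this example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Combined log format:
# ip - - [time] "METHOD path PROTO" status size "referer" "user-agent"
LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def classify(path, ua):
    """Return labels for default-Nmap traces; a scanner can change all of these."""
    path = unquote(path)  # probes may arrive percent-encoded
    hits = set()
    if "Nmap Scripting Engine" in ua:        # default User-Agent of NSE http scripts
        hits.add("nse-user-agent")
    if path.startswith("/nmaplowercheck"):   # NSE's "what does a 404 look like" request
        hits.add("nse-404-check")
    if "Trinity.txt.bak" in path:            # 404 probe sent by version detection (-sV)
        hits.add("version-probe")
    return hits

def find_scanners(lines):
    """Map each source IP to the sorted list of indicators seen from it."""
    found = defaultdict(set)
    for line in lines:
        m = LINE.match(line)
        if m:
            hits = classify(m["path"], m["ua"])
            if hits:
                found[m["ip"]] |= hits
    return {ip: sorted(h) for ip, h in found.items()}

NSE_UA = "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    f'203.0.113.7 - - [10/Mar/2024:12:00:01 +0000] "GET /nmaplowercheck1710072001 HTTP/1.1" 404 153 "-" "{NSE_UA}"',
    f'203.0.113.7 - - [10/Mar/2024:12:00:02 +0000] "GET /robots.txt HTTP/1.1" 404 153 "-" "{NSE_UA}"',
    '198.51.100.9 - - [10/Mar/2024:12:05:10 +0000] "GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0" 404 153 "-" "-"',
    '192.0.2.44 - - [10/Mar/2024:12:06:00 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
]

if __name__ == "__main__":
    for ip, hits in find_scanners(SAMPLE_LOG).items():
        print(ip, ", ".join(hits))
```

The resulting address list is what you would feed into a block rule or a rate limit; because every indicator here can be changed by the person scanning, treat a clean result as "no default-settings Nmap", not "no scan".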
Mike’s Answer
Great question, Jacob!
Cybersecurity is a pretty broad field - the good news is, that there is something for everyone. My advice is to wade in with a focus on something that fits your personality and you are passionate about. No matter what aspect you focus on, you will want to not just embrace the security tools, but the underlying discipline too. Want to work on pen testing web apps, WiFi Networks, or mobile devices? Then you want to be someone who has a good foundation in the languages, platforms, and frameworks that govern each. This focus will help you be a much more successful security specialist. Knowing as much as you can about what you are attacking or defending goes a long ways!
Good Blue Teamers or end-system testers often come from a SysAdmin background, so understanding the operating systems, environment architectures, and the common tools that a Windows or Linux SysAdmin leverages is invaluable. Effective system administrators script and automate, so tools that support that, like PowerShell, bash, python, etc. are key. Entry level certs from MS or RedHat might be a huge help in getting your feet wet and determining your next step. From here, the tooling will vary greatly based on what you are after. Most of those tools are written in Python, Ruby, Go, or are scripted in bash, so it can be fairly useful to get your feet wet there.
Web security folks (both red and blue team) benefit from understanding the languages and tools used to develop those applications. Languages like Java, JavaScript, Python, PHP, HTML, SQL etc. are all very common, but understanding the supporting tools like Git, your development environment (VSCode, Atom, etc.), toolchain elements (CI/CD tools, etc.) are all a huge help - there are a ton of good resources out there that can lead you. There are a ton of tools on the testing and security-focus that are in use, but BurpSuite is a great place to start for understanding how many concepts work. They have a free version and awesome academy that can help.
Network Security folks (again, both Red and Blue) are much more effective when they have some fluency in the protocols and operating systems that they are tasked with securing or testing. In these cases, it is more about understanding the interplay of the vendor OS and the protocol specifics (Cisco, Juniper, Dell, HP OSes vs. protocols like the TCP/IP stack, routing protocols, etc.). Once you have that foundation, there are literally thousands of tools you might encounter, but WireShark is a universal first step for defenders and attackers. As for languages, Python is almost indispensable, as is bash scripting. Then you can pursue the tooling that makes sense. Certs from vendors (like Cisco) or from neutral parties (CompTIA's Network+) can be helpful in building the foundations here.
Cloud Security looks a little like web at first, but with a focus on the environment (AWS, Azure, GCP, etc.). All have their own quirks and toolings, but the concepts are very similar. Language-wise, Python is pretty helpful, as is understanding container-focused tools like Docker and Kubernetes. Both the cloud providers and the container-shops have great free education pathways, with low-cost but highly valued certs if that is your sort of thing.
Similar things can be said for wireless, mobile, Internet of Things, or any other technical security focus - learn about what you are trying to secure or evaluate, start with the basics and pursue it so long as you are passionate. The rest will take care of itself.
While we're here, it is worth mentioning that there are sorely lacking skillsets out there in cybersecurity that need addressing. People skills and communications chops are in high demand. Do you like helping people understand technical stuff? Maybe focusing on policy and education would be a good idea? Do you like performing for the greater good? Take a look at Social Engineering.
Start with an interest, and continue on a path to build your passion. Try out a couple of areas, the cross-training is invaluable too. And don't worry about finding THE path - we all get there a very different way.
Interested in web? Start here for inspiration: https://insights.stackoverflow.com/survey/2021, and you can get some great basics in the underlying languages here: https://www.w3schools.com
Check out Burp Suite if web still sounds fun: https://portswigger.net/web-security
Looking at network security? Take an intro cert (CCNA, Network+, etc.)
Still into network security? WireShark (and its CLI version, tshark) are invaluable: https://www.wireshark.org