cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

501
1
Architect Roles (zerobytes.monster)
submitted 10 months ago by [email protected] to c/[email protected]
 
 
The original post: /r/cybersecurity by /u/MrPain__ on 2024-09-28 17:03:31.

Hi All

Just looking for some advice from anyone who's currently working as a security architect. I've been working in cyber security for about 5 years now. 3 years as a SOC infrastructure engineer, and the last 2 years as a platforms engineer. I've gained a lot of experience with LogRhythm, MS Sentinel, DFE, CS and SentinelOne, plus a few random other tools.

I have my old Cisco certs (expired now) and I've recently completed my AZ-500, and have my LogRhythm admin and Splunk admin certs and I'm starting my SC-100 in the next month or so.

I have the opportunity to move into our deployment team next year, who deal with the onboarding of customer infrastructure and tools into our platform, they do a lot of the high level design work with the customers to get them onboarded.

My end goal is security architect, but when I'm looking at those job roles, they always want experience. So would my previous and current experience help with getting one of these roles even without direct architect experience? What would you recommend I focus on to try and stand out when eventually applying for architect roles? Am I missing anything major that's required to move into an architect role?

Cheers!

502
 
 
The original post: /r/cybersecurity by /u/muskyer on 2024-09-28 16:51:24.

I've started my BTech degree in Electrical and Computer Engineering here in India, this year. I want to do my Masters in Cybersecurity. Please say what are my options in The United States and help me out with the necessary procedures and exams, if any, for which I should start the preparation from now. Thank you

503
 
 
The original post: /r/cybersecurity by /u/awakenIsHere on 2024-09-28 15:04:18.

Hi everyone.

I'm trying to advance my IT Security and Cybersecurity knowledge. I already have 3 years of experience and I want to advance more. I feel that I need deeper understanding of IT and security concepts.

I came across the IBM Cybersecurity Analyst Professional Certificate course on Coursera. Can you tell me is it worth it and does the course cover overall IT security tools and concepts, not just using IBM tools? And as well, is it like a hands-on course?

Here is the link of the course: https://www.coursera.org/professional-certificates/ibm-cybersecurity-analyst#outcomes

Thank you and keep learning

504
 
 
The original post: /r/cybersecurity by /u/Abject-Substance-108 on 2024-09-28 14:52:24.

Hi,

I come from a legal background, but 3 years ago, I made a career shift into Information Security, starting as a GRC intern. Over time, I've grown into the role, but the lack of formal education in IT or Computer Science sometimes makes me doubt my capabilities. I realize this might be a case of imposter syndrome or learned helplessness, but I want to take proactive steps to address it.

I have been looking at job postings and I see requirements like - knowledge of building SQL queries so I am now taking a course on that. I will soon be taking courses on HTML, CSS & Javascript.

What else can I do? Please share your experience.

505
 
 
The original post: /r/cybersecurity by /u/digicat on 2024-09-28 13:32:56.

506
 
 
The original post: /r/cybersecurity by /u/markqlogan on 2024-09-28 13:12:09.

I work at a mid-market SaaS company (of course we claim we're a startup lol) and we started releasing features this past week that uses AI, with barely any security layer / guardrails on them. Of course my boss has been pushing for security for AI ever since the inception of the various projects, but management's top priority is time to deploy and we've barely had any guardrails implemented on the AI piece. Anyone else going through issues like this at their org? If so, wondering how you and your team are navigating through this.

507
 
 
The original post: /r/cybersecurity by /u/iam_dusane on 2024-09-28 12:07:14.

👋 I have an upcoming interview at Amazon for security engineer and the very first round is security code reviews. Can anyone tell me what it looks like from your past experiences? Will you be able to choose the programming language?

Hiring manager told me it could be in Java or Python but my expertise is in only Python & Javascript. I don't really know much about Java stuff.

Your help is much appreciated.

508
 
 
The original post: /r/cybersecurity by /u/Prior_Stock_4457 on 2024-09-28 11:16:52.

I would like to know why Apache TomEE Plus 9.1.3 is shipping EOL Tomcat version 10.0.27? As per research I have done, it shows new vulnerabilities are not tested against the 10.0.x branch.

The stable version of TomEE Plus is 9.1.3. TomEE Plus 10.x is a milestone version (if I'm not wrong, Milestone stands for under development, please correct me if I'm wrong). The issue is recent vulnerability (CVE-2024-38286) is vulnerable with Tomcat and I cannot update Tomcat separately that comes with TomEE Plus.

Can anyone tell me why they are shipping older Tomcat and potential resolution in this scenario. Thanks!!

509
 
 
The original post: /r/cybersecurity by /u/Zestyclose_Flow_680 on 2024-09-28 07:31:27.

Even with the best AI safety measures, hackers will always be a step ahead. But the bigger issue isn’t AI itself—it’s how we as humans choose to use it. Human behavior, with all its flaws, creates vulnerabilities. How can we secure not just our AI systems, but also our actions and intentions?

510
 
 
The original post: /r/cybersecurity by /u/ayoubm1e on 2024-09-27 20:43:35.

Is this cybersecurity stuff stressing you out or is it just me?

511
 
 
The original post: /r/cybersecurity by /u/Historical-Ad-1536 on 2024-09-27 03:36:47.

I am separating from the Navy with 4 years experience as an Information Systems Technician. I have my A+, Net+, Sec+, and CySA+ certs, TS/SCI clearance, and am about to finish my associates in cybersecurity from WGU. Even though I have the nice job title, I really don't feel like I had any real IT/cybersecurity responsibilities. So I feel like I barely have any experience. Would getting CISSP help me at all get a better/higher paying job any more than what I already have? Or do I need to wait and get some more experience before my CISSP would hold any weight?

512
 
 
The original post: /r/cybersecurity by /u/PositionFlat on 2024-09-27 00:32:05.

About to finish Cyber Security Bachelors with all my certs Security+, SSCP, CySA+, etc. and have no clue on how this USAJOBS process works. Tried looking up from multiple other posts and still trying to wrap my head around it. What GS level positions should I be applying for? I have no experience and I have served in the military. I live in the DC area. I would be extremely grateful to hear any advice on the matter. Ideally I would like to do something like security analyst but I'm not sure how everything works. Do I need to take a helpdesk role for a year to gain experience and get a security clearance? What GS level or key words should I be looking for on the job description? Once again any advice is really appreciated. It's been a rough few years and hoping for a job that can help my family.

513
 
 
The original post: /r/cybersecurity by /u/experiencings on 2024-09-26 21:57:05.

kinda feeling mentally exhausted with everything I've learned so far. everything was cool and exciting at first but now it just feels like I'm forcing myself to learn for no reason... I don't even work in the industry, I don't think I'll be able to work there anytime soon with how shitty the tech industry is right now. just feel like moving to the woods and becoming a lumberjack now, y'know?

514
 
 
The original post: /r/cybersecurity by /u/karanthakkar on 2024-09-27 23:21:14.

Hey everyone,

I have a Security Engineer interview coming up, and I’m looking for some tips and guidance on what to focus on. The first round is a 60-minute technical screening, where the recruiter mentioned that the first half will cover security fundamentals, and the second half will likely involve code review (potentially related to secure coding or static analysis). Additionally, the job description emphasizes threat modeling as a key focus.

For those who have been through similar interviews or are in the industry:

  1. When it comes to security fundamentals, what are the core concepts or areas I should really focus on for the interview?
  2. For the code review part, what kinds of issues should I be prepared to identify? Are there specific coding pitfalls I should watch out for, particularly in Python?

I also know that leadership principles are a big deal at Amazon, and I’d love to hear how you handled scenarios related to those principles during your interviews. Any advice on how to structure responses or articulate examples effectively would be really helpful.

I’m excited about this opportunity and want to be as well-prepared as possible. Any advice, guidance, or resources would be greatly appreciated!

Thanks in advance!

515
 
 
The original post: /r/cybersecurity by /u/2deMinimis on 2024-09-27 21:36:25.

Just want to reach out to see if anyone has experience or insights on building an Isolated Recovery Environment in our organization for recovery from potential ransomware incidents.

How is that architected? Totally isolated from current production environment where critical systems and applications would be recovered including AD forest, etc.? Is the recovery environment a long-standing environment or will it be built on demand from code and templates (IaaC)? On-premises, private or public cloud? Is that environment owned (as in business owner) by Cybersecurity team? I appreciate your insights and sharing experience or even contrarian views, differing thoughts.

516
 
 
The original post: /r/cybersecurity by /u/nick313 on 2024-09-27 20:26:41.

517
1
Out of scope (zerobytes.monster)
submitted 10 months ago by [email protected] to c/[email protected]
 
 
The original post: /r/cybersecurity by /u/Impossible_Sir_4861 on 2024-09-27 19:58:54.

If I accidentally went out of scope and reported an XSS vulnerability not knowing XSS is out of scope, but did not deploy an XSS attack or attempt to gain access, do you think the company will press charges?

518
 
 
The original post: /r/cybersecurity by /u/Lost-Baseball-8757 on 2024-09-27 19:14:19.

We know we’re not going to lose our jobs; the human factor in such a critical area is irreplaceable (even though many companies would love to). However, I’m really curious about what the limit of its involvement will be. What do you think?

As a pentester, I can imagine a future where persistence reaches another level—perpetual and nonstop attacks, with companies having to bolster their ranks with artillery of the same caliber.

I got into cybersecurity partly because I love the cyberpunk theme and the idea of always being at the forefront of technology; it’s gratifying to see that tons of new things could be coming in the next few decades.

519
 
 
The original post: /r/cybersecurity by /u/zootbp on 2024-09-27 10:00:52.

Hey everyone, is there any other way to get through GRC items like an ISO? Automation is key to moving away from old-school approaches of using Word, Excel etc. to track programme status, control failures, and evidence collection.

Anyways, what are everyone's thoughts on these types of tools? We went with Vanta, a nice crowd, the tool is child-friendly (For C levels) and it can connect to multiple systems etc. in minutes. The risk management and asset management were a godsend at my place, also being able to connect to multiple systems and look at Shadow elements we never knew about.

I found a link for a discount if anyone wants it, via a podcast I listen to: $1,000 off Vanta at vanta.com/decloaked (Oddly enough, procurement claimed this cost saving as their own. A win's a win eh?).

https://www.vanta.com/

520
 
 
The original post: /r/cybersecurity by /u/Upbeat-Conclusion101 on 2024-09-27 06:10:00.

I am a fresh grad working as a software dev in a startup. I want to get into cyber sec a few years from now. Wanted advice on how to gain skills and get practical experience (while staying at my current job). Also I want to know if it is important to choose a domain while starting out. (Please let me know all the domains and any suggestions and guidance)

521
 
 
The original post: /r/cybersecurity by /u/needmorejava on 2024-09-27 19:05:30.

During a recent engagement, we discovered that an enterprise had left default admin credentials on all of the equipment responsible for controlling the air temperature and humidity levels of their entire data center. Something this basic could have had catastrophic consequences for the organization.

https://brackish.io/2024/09/24/what-are-default-credentials-a-penetration-testers-best-friend/


522
 
 
The original post: /r/cybersecurity by /u/JCTopping on 2024-09-27 18:13:45.

523
1
Is SIEM Dead? (zerobytes.monster)
submitted 10 months ago by [email protected] to c/[email protected]
 
 
The original post: /r/cybersecurity by /u/GlassHouse_101 on 2024-09-27 17:37:02.

I've been working in the SIEM world for some time, and lately have seen lackluster interest, to say the least, in these solutions... am I wrong to say SIEM is dead? It seems like customers are after proactive security measures (attack surface management & risk reduction) instead of whack-a-mole, search and punch tools?

524
 
 
The original post: /r/cybersecurity by /u/Threezeley on 2024-09-27 17:17:36.

Going through a comparison exercise but figure this is not a new technology, so might as well ask around.

No budget cap however would need to be able to reasonably justify the cost relative to the function.

No fancy requirements really:

  • UDP and TCP ingest support
  • local cache in case cannot pass along downstream to SIEM
  • Routing support based on regex matches and IP of sender, hostname would be nice if possible.

We currently use syslog-ng free but we don't have a vendor support contract in place and it's a dated version that likely has vulnerabilities. It works pretty great though.

Looking at syslog-ng premium with an enterprise license, Cribl as a multi-purpose tool that includes Syslog, and since our org uses Splunk we are considering SC4S -- however the last time we POC'd it years ago it did not perform well enough.

Any recommendations, anything we should be looking at that isn't on the radar?

525
 
 
The original post: /r/cybersecurity by /u/Encrypt3dMind on 2024-09-27 16:35:06.

Hi,

I have an interview next week for a Presales Cybersecurity Consultant position with an MSSP. I was wondering if anyone could share their experience or insights on what kind of questions I should expect during the interview.

Any tips or guidance would be greatly appreciated!
