Career in Cyber Security

:)

In today's world, Cyber security is one of the most fascinating job fields. Be it fresher or experienced IT professional, it attracts everyone.




When it comes to career, Cyber security has unlimited career options and with unlimited career options, it creates some sort of confusion. It’s not always easy to find the right career path in Cyber Security. Also, a cyber security professional's responsibilities may vary, but the role can be simplified into one function: "Protect a company's data from being compromised by an attack".
 
This post will help all those people who want to make a career in the cyber security field. Here we will discuss all major pathways in Cyber Security. So let’s start –





1) VAPT (Vulnerability Assessment & Penetration Testing) – 

It is an attempt to evaluate the security of an IT infrastructure by checking and exploiting the vulnerability. It helps the organization to protect itself by providing a clear vision of security loopholes and guidance to address them.

 

Phases of VAPT :




 

2) SOC (Security Operation Centre)  - 

          An information security team who is responsible for an organization’s security postures on an ongoing basis is called SOC. The monitor, detects, investigate and respond to cyber-threat.

      Whenever they see any suspicious traffic, they trigger an alarm called an incident. Incident management is a process that defines the life cycle of an event from detection to erasure.

 

         Phases of SOC :




 

3) IAM (Identity and Access Management)

        It is an essential part of overall IT security that manages digital identities and user access to data, system and resources within an organization. It works on the principle of Least Privilege wherein each employee has been granted with least privilege that is required to complete his/her job. 

     To mitigate the risks, improve compliance, and increase efficiencies across the enterprise  IAM  programs are necessary.

      

4) GRC (Governance and Risk Compliance) -  

Governance, risk, and compliance programs enable an organization to identify and mitigate risks with appropriate controls and initiatives while ensuring compliance. It defines how a unique set of risks is handled by an organization.
 
Governance is the effective management of an organization by those at the top who are liable for it. The common field of governance are :  

  • Corporate governance
  • IT governance
  • Business governance
  • Legal governance.

The proper management of risk is also called as Heart of any information security management system. Experienced and professional risk managers know how to continuously monitor risk performance and use feedback to make timely decisions without affecting the business.

 

Phases of GRC :




 
 

5) BCDR (Business Continuity and Disaster Recovery)


          Methods and procedures required to mitigate the impact of a disaster on the information and data required for critical business processes.
 
It implements a well-written and properly tested plan that allows recovery personnel to manage recovery efforts resulting in the timely restoration of services.

 

Phases of BCDR :



To wrap up the post, The options are unlimited. You just need to explore your interest and dive into Cyber Security world.

Thanks for reading.

:)

 
 
 

Comments

  1. VijilanFebruary 18, 2022 at 7:01 AM

    You are sharing a particularly decent article here. It is a significant and factual article for us. Thankful to you for sharing an article like this.soc in healthcare USA

    ReplyDelete

Post a Comment

Popular posts from this blog

SQL Injection – “Let’s dump the database”

Image
  What is SQL injection? ✔ SQL injection is a code injection technique that uses malicious SQL code to access information/data that was not intended to be displayed. It can be used to obtain unauthorized access to the underlying data, structure, and DBMS.  ✔ SQL Injection attacks are one of the oldest, most prevalent, and most dangerous web application vulnerabilities. The OWASP organization lists injections in their OWASP Top 10 2017 document as the number 1 threat to web application security.  ✔ SQL injection vulnerability occurs when the application sends user input to the interpreter without sanitizing it and user input can be used to query database. SQL queries are used to execute commands, such as data retrieval, updates, and record removal. Types Of SQL Injection Attacks : SQL Injection can be classified into three major categories In-band SQL Injection Inferential SQL Injection Out-of-band SQL Injection 1) In-band SQL Injections When the attacker uses the same communication c
Read more

XML Injection

Image
  XML injection is an attack technique used to manipulate or compromise the logic of an XML application or service.It allows an attacker to inject malicious and/or unexpected input that can break XML logic. Depending on the functionality and XML usage of an application, a successful XML injection may cause unauthorized access to resources and sensitive data disclosure. What is XML? ✔ XML stands for eXtensible Markup Language.  ✔ It is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable. It is  designed to store and transport data. XML is  extensible and hence can be tailored according to the application. ✔ XML uses a tree-like structure (XML Tree structure) of tags and data where tags can be user defined. To interpret XML data, an application needs XML parser, also known as the XML processor. Example : An XML document is always descriptive and can be referred as XML tree structure. XML Entities :  XML entiti
Read more

DirtyCred : CVE-2022-2588

Image
  A vulnerability in the Linux kernel that allows data to be overwritten in arbitrary read-only files. Since unprivileged processes can inject code into parent processes, this vulnerability can lead to privilege escalation.  DirtyCred is a kernel exploit concept that exploits the heap memory reuse mechanism to obtain high privilege. This vulnerability is similar to the DirtyPipe  vulnerability ( CVE-2022-0847 ) impacting Linux kernel versions 5.8 and later. The attack includes 3 steps: 1.  Free an in-use unprivileged credential 2. Allocate privileged credentials in the free memory slot by triggering a privileged userspace process such as su, mount, or sshd 3. Operate as a privileged user Exploit in action: 1.      Login to the vulnerable machine and check the kernel version “ uname -a ” {The exploit works on most Centos 8 kernels higher than linux-4.18.0-305.el8 and most ubuntu 20 kernels higher than 5.4.0-87.98 and 5.11.0-37.41} 2.      Check the current user id and /etc/p
Read more