With this (Open-)Book I want to write down things I’ve learned in my life within the scope of IT Security Operations.
I started my (Security) Career as a network engineer (LAN, WAN, Firewall), continued as a security officer (too many writing tasks), went on to learn the offensive side as a penetration tester, switched over to the defense side as a Threat Intelligence guy – dealing with IOCs and where they can be applied – and currently I am paid for writing detection content to identify ongoing malicious things.
So during the past years I learned how to attack as well as how to track down the adversary.
In all the past years I followed the vision of having the one and only solution for all the problems we have – you guessed it, I was disappointed with that and learned that most of the situations in our daily (defense) life may be called complex, or not that easy. So the current mode of operation is to identify the best solution for the specific environment and situation.
Life is changing every day, and so does our job.
Why am I writing now?
Can’t tell for sure. Currently I have fun writing and the courage to write in my own style (without the goal to fit your needs) – so this book may be interesting for you, or it may not.
Target audience
Target audience is important – I know.
I’m writing to you, a stranger, with an entry-level security guy in mind. I want to share my experiences, the successful and the failed ones, in the hope that you may be a little bit faster, more precise, more creative in your learning.
Am I a lame one? I wouldn’t say so, but in my world evolution is defined as the next generation being smarter, faster, etc. than the previous one, but the basics won’t change that fast – the earth spins neither faster nor slower based on the mid-age of people working in the InfoSec bubble.
What can I learn?
Can’t tell exactly – I’m just writing down my thoughts, solutions, pitfalls and so on.
I’m willing to write about SIEMs, Detection Rules and their development, and to give hints on how to build up a Lab Environment to get your hands dirty.
Maybe I’ll write about processes and workflows, to get more efficient in doing things.
What’s next?
Just scroll through the navigation and find a topic that you are interested in, start to read and understand.