To better understand what are the domains that are part of CyberSecurity is better to identify them individually and make sure we all know what to expect to learn more and more about it.
Currently the Cybersecurity tracks, like Cisco’s, make emphasis on you preparing you to be a Security Analyst Level I - Remember that all the Associate certifications are the ones validates that you can be the first knowledgeable level of contact in the enterprise. In this case Cisco Cybersecurity Operations CCNA is not different.
Thinking on few things that can help people out there to begin or advance in a career in IT Security or Cybersecurity. I had to get some information about this from a Job description of what companies are looking for in candidates, just because, yeah Andres had to find out, and help the now growing audience of CyberSecEngineer
Disclaimer I may not be the right person for specific career advise on Cyber Security, however, I will/should/could be able to provide a high-level overview of how things work from a career point of view, if you are interested in such thing, make sure you ask me using the comments section, and I will do my best to reply ** I hope the comments section work :)
I looove free and fun stuff to do when I’m training, and I also like to pay for training when is good. With that in mind, this post will be a collection of the training that I have found or will find in the future, so that it can be listed on this site.
Remember, if you know of any training that you think is sooooo cool that needs to be mentioned or announced, please feel free to reach out in the comments post, I will happily add that information.
Being clear from the beginning of the post here are some disclaimers I have:
I’m not an expert, I just like messing around with stuff that saves me time
The automation piece is a simple script in Python that is created from SecureCRT automatically
Now, as I document my projects, I have to find a way to provide my clients with meaningful information on what was what I did in their environment. I know engineers out there that hate documentation… me too, but when I do Documentation I just think like my client will think
Looking to get a better picture of the Security Portfolio from Cisco I thought it will be a good idea to have a document handy. I know that this list may be obsolete at some point but will help illustrate what I’m trying to achieve today :)
It is a reality that Security is right now the main focus of any company out there, if not and you are asking yourself why? then you should be worried.
My Cisco live experience was focused on 80% Security and 20% Collaboration. One of the sessions I assisted last week was the one related to StealthWatch and Security Monitoring, an interesting new topic for me and one that opens my brain for more questions.
The Security portfolio from Cisco is still huge for me, but I remember saying that when I was starting on my CCIE Collaboration journey a few years back. Remember the Before During and After Attack continuum from Cisco? - Yes, I remember and made my mission to know how all the pieces fit together.
There is a constant evolution of security technologies and also Security threats, which makes the need for additional and enhanced visibility of the network. Cisco keeps on improving its Security portfolio, and this time I’m looking more closely at the Cisco Identity Services Engine. At a first glance, to me it looked like just an 802.1x solution with very complicated features.
I decided that I wanted to get more involved, and I have been working with the product for the last month in a more serious note this time, trying to understand the product I decided to make a list with important Features that are packed into the solution
Last week I had the pleasure to attend a Fire Jumper Achievement classes, and it was a great eye opener for me. Security products have changed and evolved tremendously over the past few years, this evolution is due to the constant changing Attack vectors users and companies experience out there in the wild.
The Attack Continuum Cisco has a good strategy to address Security threats into different phases that could be possible in an attack. Understanding that there is not one “Perfect Solution” is part of the play. They do a great job to explain the different aspects of a security attack by breaking it down into 3 phases: Before, During and After. I also think that Cisco understands that there are very advanced and sophisticated attacks, which can bypass IPS systems, Firewall Rules and other security measures you may have at the edge, along with the security that you can deploy at the core of your infrastructure, on services such as DNS, Web and Email traffic among others.
