Information Security

Information Security—also called cybersecurity, or InfoSec—is arguably the most interesting profession on the planet. It requires some combination of the attacker mentality, a defensive mindset, and the ability to constantly adapt to change. This is why it commands some of the highest salaries in the world.

InfoSec is such a big field, however, that it’s useful to break it up into sections. I’ve done this over the 20 years that I’ve been writing about security, and here are some of the topics you might find interesting.

• Offensive Security Testing
  
  • security assessment types
  • when to use different types of security assessments
  • the difference between pentesting and red teaming
  • the difference between red, blue, and purple teams
  • the difference between threats, threat actors, vulnerabilities, and risks
  • the difference between events, alerts, and incidents

Building a Security Career

• building a career in cybersecurity
• day-1 skills required to land an entry-level cybersecurity job
• information security interview questions
• why cybersecurity lacks entry-level posit

• Security Tools
  
  • shodan
  • masscan
  • nmap
  • tcpdump
  • lsof
  • iptables

• Security Team Types
  
  • the difference between pentesting and red teaming
  • the difference between red, blue, and purple teams
  • the definition of a green team

---

• Security Definitions
  
  • the difference between threats, threat actors, vulnerabilities, and risks
  • the difference between events, alerts, and incidents

---

• Security Philosophy
  
  • secrecy is a valid security layer

---

• Security Concepts
  
  • encryption vs. encoding vs. hashing
  • information security definitions

Thank You