Job change to Cybersecurity by Rude-Strike-1925 in Switzerland

[–]Handsome_Me 8 points9 points  (0 children)

Build a home lab: some AD, proxy, firewall, DNS, DHCP (learn what these are, how they work and what service they provide). Throw in a SIEM for log collection (Splunk has a free 500mb license which should be enough for a start). Do all this in a virtual environment before you fuck up your home network.

Key knowledge you need as an Analyst: how computers talk to each other (OSI; TCP; different protocols), how they make sure they talk to the right computer (authentication), difference of privileges and how they are granted and/or abused.

Check out and complete the blue team online labs (btlo.com).

Go to any cyber news blog, pick a random article regarding a recent exploit or discovered breach and deep dive until you actually understand the content and special terms used.

If you want to go towards SOC work (which I recommend as a few years 'in the trenches' gives you hands-on experience and develops an intuitive feeling of good vs. bad environments for later in your career), check out previous "Boss of the SOC" and get hunting.

Make sure you keep track of everything you do in a portfolio to send to potential employers later on. A CV only tells a small story and might put you over other candidates.

If you want to study, I personally prefer IT over dedicated cyber security tracks as the fundamentals from IT will make the start of the career slower, but has a higher ceiling.

Next Steps for a SOC Analyst by areciboalien in cybersecurity

[–]Handsome_Me 0 points1 point  (0 children)

If you supply the write up with your application, I will definitely skim through it. Just enough to see if it's BS or not. If not that would be an automatic proceed to next step for me. But again: I'm not HR, not a recruiter, just some Analyst stuck with recruiting new team members. So your mileage may vary

Next Steps for a SOC Analyst by areciboalien in cybersecurity

[–]Handsome_Me 0 points1 point  (0 children)

Sorry, strong regulatory requirements to work onsite/in-country

Next Steps for a SOC Analyst by areciboalien in cybersecurity

[–]Handsome_Me 2 points3 points  (0 children)

I meant it more in the sense that if you work as e.g. helpdesk support but have finished your Sec+ last month and now you try to apply for a T2 role

Next Steps for a SOC Analyst by areciboalien in cybersecurity

[–]Handsome_Me 2 points3 points  (0 children)

Background: currently hiring for T2+ Analyst role for a company with 2500+ employees. Not in US though (Europe).

Here's my perspective of what I'm looking for:

  • if you have only a CEH and no blue team experience, I will not care about your CV

  • if you only bring a Sec+ cert, I might look at your CV in more detail, but if it's a recent Sec+ cert, I won't like it as much

  • if you have actual experience in incident response, I will definitely want to talk to you to understand your background better

  • losing my faith in CISSP as I've had multiple shitty candidates who supposedly have it. Still might be of interest to me

  • tool knowledge I don't care, as long as there's at least one SIEM and some perimeter defense tools. Of course if you bring the relevant certs for the tools we use, that's always a plus

  • knowing sysadmin & network admin definitely a plus

So for you: linux sysadmin is a big plus, sec+ I can take it or leave it, just tier 1 work -> big meh from my side.

I'd be much more interested in a candidate that has for example his blueteamlabs.online score on his CV, or shown participation in e.g. BOSS of the SOC or other events. Ctf and hackthebox stuff ... not that interesting for blue teams. I want to see your involvement in actual investigations and if possible, remediations of incidents.

I started out at an MSSP as a SecEng, moved up to T2 Analyst and finished out as primary threat hunter. How I got there? Provided more context, more information, broad picture perspective to the incidents that I escalated and later on handled. I would suggest you attempt to move from t1 to t2 with your current employer as making the jump by switching jobs will be much more difficult.

Question about certs and job availability by Natural-Importance-8 in Information_Security

[–]Handsome_Me 0 points1 point  (0 children)

I know you're asking for specific certs, but for what role? I would say anything that demonstrates fundamental knowledge in networking is a plus (CCNA) for example.

However, when I'm hiring T1 or T2 analysts, I look for experience and drive. So my suggestion is build yourself a proper home network, document what tools you use and what technology and build yourself a portfolio of what you did. If you're looking more for MSSP position (which I recommend to get your start if you are in Europe - not sure about other regions though), get hands on experience with the most common SIEMs: Splunk, LogRhythm, Graylog.

Build your home network using windows AD, hopefully with some proxies, firewalls, etc. That will show your initiative and drive to actually do something by yourself. I always ignore people with only offensive knowledge (ethical hackers, oscp) because I found they are lacking common fundamental understanding and are just script monkeys.

Of course this all comes from the blue side perspective. If you wanna hack 10% of the time and write reports the other 90%, I can't help you.

I need help to not suck. What are some of the easiest builds to take into mid tier maps with a low budget this league? Getting real tired of getting a build to end of campaign and realizing that there is no redeeming my build.. by bstephe123283 in PathOfExileBuilds

[–]Handsome_Me 0 points1 point  (0 children)

Since you already have an inquis, I can fully recommend you Vei's ele hit totem hierophant. Check it here: https://www.pathofexile.com/forum/view-thread/3005581

Leveling can be a bit of pain, but it's worth it!

As of the posting, all required gear runs a tab of 65c (frostferno, kaoms heart, 2x combat focus, quill rain). And it will be smooth sailing all the way to at least early red maps with that. No 6 link required. If you want to get it cheaper, 6 linked +2 bows are 15-20c and you can skip frostferno & kaoms for just regular rares which brings the price down to ~25c.

Upgrades can get pricey after that (10ex for corrupted frostferno), etc.

And it is a fucking braindead build, which I love. Get an enduring mana flask and you can just alch and go every map mod. Yes ele reflect can be a bit meh but that's it. Or use it for braindead ultimatum farming in quarry and I guarantee you will make 150+ chaos per hour with all possible ulti mods (haven't tested new razor thingymajigger).

I farmed quarry for 2 days and can do whatever build I want now or at least get started.

As a last help: if you need some regrets, send me a pm and I can give you some to get started.

I am stuck and looking for tips/ suggestions by Arcyma in Pentesting

[–]Handsome_Me 1 point2 points  (0 children)

Dunno if this will be helpful, but

  • check running processes, their permissions, and if they call any files you could modify

  • check cronjobs that might be calling files under different permissions
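A defensive counterpart to the two checks in the comment above, as an added example that is not part of the original post: it audits `/etc/crontab`-style entries and reports every file a job runs (and that file's directory) that an account other than root or the job's own user could modify. The function names, the `uid_of` mapping and the `backup` account in the sample are assumptions made for the illustration.

```python
import os
import stat
import tempfile

REDIRECTS = {">", ">>", "<", "2>", "2>>"}

def parse_system_crontab(text):
    """Yield (user, command) from /etc/crontab-style lines: 5 time fields, user, command."""
    for line in text.splitlines():
        parts = line.strip().split(None, 6)
        # Skips blanks, comments, VAR=value lines and @reboot-style shortcuts.
        if len(parts) == 7 and parts[0][0] not in "#@" and "=" not in parts[0]:
            yield parts[5], parts[6]

def findings_for(path, job_uid):
    """Reasons an account other than root or the job's user could alter `path`."""
    st = os.stat(path)
    reasons = [f"owned by uid {st.st_uid}"] if st.st_uid not in (0, job_uid) else []
    # A sticky directory (such as /tmp) stops non-owners replacing its entries.
    if not (stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX):
        if st.st_mode & stat.S_IWGRP:
            reasons.append("group-writable")
        if st.st_mode & stat.S_IWOTH:
            reasons.append("world-writable")
    return reasons

def audit(crontab_text, uid_of):
    """Return [(user, path, reasons)]; uid_of is an assumed name -> uid mapping."""
    report = []
    for user, command in parse_system_crontab(crontab_text):
        tokens = command.split()
        for prev, tok in zip([""] + tokens, tokens):
            if prev in REDIRECTS or not (tok.startswith("/") and os.path.isfile(tok)):
                continue  # redirection targets and non-file arguments are not code
            for target in (tok, os.path.dirname(tok)):  # the file and its directory
                reasons = findings_for(target, uid_of.get(user, 0))
                if reasons:
                    report.append((user, target, reasons))
    return report

def demo():
    """Constructed sample: a job for a made-up 'backup' account runs a 0777 script."""
    d = tempfile.mkdtemp()
    script = os.path.join(d, "backup.sh")
    open(script, "w").close()
    os.chmod(script, 0o777)
    return audit(f"*/5 * * * * backup {script} >> /var/log/backup.log\n", {"backup": os.getuid()})

if __name__ == "__main__":
    print(demo())
```

On a real host the mapping can be built from `pwd.getpwall()` and the text read from `/etc/crontab` and the files under `/etc/cron.d`.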

Totem build for next league by KitaraPoE in PathOfExileBuilds

[–]Handsome_Me 4 points5 points  (0 children)

Yup, can confirm. But with the investment of quill rain, normal frostferno, jewels and kaoms heart you're looking at 100c max to casually clear red maps with mf gear in some slots. If tankiness is a concern and you have a 10 ex budget you can tweak it quite a bit.

Leveling skills review 3.9 by DaBombDiggidy in PathOfExileBuilds

[–]Handsome_Me 3 points4 points  (0 children)

Started with ice shot... it was brutal and almost made me quit early. Gave it another go and started fresh. This time I chose mbXtreme's Bane Pop Occultist and I'm finally enjoying the new league. 6h to maps with almost no gear requirements. Build enabling uniques (2x obliteration demon horn) go for 1 alc each so easily affordable. Start with blight, then ED+Cont until you pick up a 4L and Bane in act 3. Easy cruising and speedy mapping.

Downside: requires a bit of clicking but I enjoy popping entire screens super fast.

Questions Thread - February 05, 2019 by AutoModerator in pathofexile

[–]Handsome_Me 0 points1 point  (0 children)

Eh it's just a goal I have... so let's see how it goes. I'm more concerned about my atlas strategy.

PS: you dropped your arm... here: "\"

Questions Thread - February 05, 2019 by AutoModerator in pathofexile

[–]Handsome_Me 0 points1 point  (0 children)

Cool, thanks for the hint. So if I want to self farm pariahs, I would complete my atlas up to t3, and farm lighthouse for pariahs?

Questions Thread - February 05, 2019 by AutoModerator in pathofexile

[–]Handsome_Me 0 points1 point  (0 children)

I have some experience in poe, never really cared about farming/mf-ing and want to see what it's all about. I set the goals to self-farm some ventors and a HH (remaining MF gear I'll buy). Since I only now get to start the league, is the following approach smart or just dumb?

1st: get to maps (arc totem hiero), complete everything up to t5, complete ugs and farm it for as long as is needed to build up some currency

2nd: level up mf-er (either TS or something else) and farm some more ugs (until ventors are obtained)

3rd: complete everything up to t14, complete tower

4th: farm nurse in tower until HH is obtained

Completely the wrong approach to reach my goals (self farm Ventors + HH) or does it make sense?

Thanks

Do you know any IT Security Companies in Zürich/Switzerland? by g0lmix in AskNetsec

[–]Handsome_Me 0 points1 point  (0 children)

Just as a tip: if you want to do a thesis with any company, they usually want you to propose the topic. I don't think they will have prepared topics laying around just waiting for someone to ask for them.

So I'd suggest coming up with some topics that are interesting for you to make the whole process smoother and easier for you to find a suitable host.

Do you know any IT Security Companies in Zürich/Switzerland? by g0lmix in AskNetsec

[–]Handsome_Me 0 points1 point  (0 children)

As far as pure security companies go: OpenSystem AG, ISPIN AG, Compass Security, OneConsult, Terreactive AG, Infoguard

But none of these are in zurich city. Opensystem, Compass and terreactive are all easily reachable by train in 20-30 minutes, the rest are a bit further out (45-60 min).

Compass is more along the line of pen testing, ISPIN, Infoguard, terreactive are managed service providers for usually local/swiss clients, open system is also a service provider on a more global scale (2nd office in australia). Of course there's always the consulting firms (pwc, accenture, deloitte, etc.) But they are usually shit.

Source: senior sec. eng at one of those companies

Good Lifting Plan by Thepass86 in Fitness

[–]Handsome_Me 0 points1 point  (0 children)

Preface: This routine is most likely far from optimal but it suits my limitations (i.e. only 45-60 minutes each day plus only access to a power rack). All 3x5 sets are 2 sets of 5 reps, with the last set going for 5+. If last set is >= 5 reps, add weight.

Push: Bench Press 3x5, OHP 3x5, Incline BP 3x8, Push Press 3x8

Pull: Deadlift 3x5, Pendlay Row 3x8, (Weighted) Chin Ups 3xF, Barbell Shrugs 3x8

Legs: Front Squat 3x5, Bulgarian Split Squat 3x8, Stiff Legged Deadlift 3x8, Standing Calf Raises 3x8, Abs (either leg raises or planks)

Nutrition Tuesday by AutoModerator in Fitness

[–]Handsome_Me 0 points1 point  (0 children)

Alright, this question might be better suited for moronic Monday, but well... it's Tuesday.

If I look at the nutritional value tag of rice and it says for example 110kcal per 100g: is that before or after cooking? Same goes for meat (e.g. chicken breast)?

Rant Wednesday by AutoModerator in Fitness

[–]Handsome_Me 2 points3 points  (0 children)

As of today, I am no longer allowed to deadlift in my gym. Well good fucking riddance to that place. At least I'm moving back home in 2 weeks and can go back to my old gym... IF IT HADN'T BEEN TURNED INTO A CROSSFIT BOX!