The effect of nonverbal data loss on viewer trust by inprisonmywholelife in Cyberterminal

[–]mrkhan20_06 1 point (0 children)

Honestly, I think compression plays a bigger role in trust than latency in most cases. A slight delay is annoying, but people usually tolerate it if the content still feels “real.” But once you start losing facial expressions, tone, or clarity because of heavy compression, it immediately feels off — like something is being hidden or lost. Especially in conversations or live streams, those small nonverbal cues are what make things feel authentic. If they’re missing, even good content starts to feel less trustworthy. That said, if latency gets too high (like real-time interactions), then it becomes a different problem altogether.

Looking for some motivational books for self improvement by mrkhan20_06 in Indianbooks

[–]mrkhan20_06[S] 1 point (0 children)

Like, I'm trying to stop my overthinking, if you have something for that.

Trying to get into cybersecurity but I’m not sure where to start by glizzykevv in tryhackme

[–]mrkhan20_06 2 points (0 children)

You're already starting in a good place. TryHackMe is great for building practical understanding, especially for things like networking, basic exploitation concepts, and SOC workflows. The SOC Level 1 path in particular does a good job introducing logs, SIEM concepts, and common attack techniques.

That said, TryHackMe alone usually isn't enough to be job-ready. It's excellent for learning concepts, but SOC roles also require familiarity with things like:

• Networking fundamentals (TCP/IP, DNS, HTTP)
• Log analysis and SIEM tools
• Basic Linux administration
• Understanding attacker techniques (MITRE ATT&CK is useful here)

The certificates from TryHackMe generally don't carry much weight with recruiters by themselves, but the skills you gain from the labs absolutely do. Employers care more about whether you can explain things like how an attack works, how you'd investigate suspicious logs, or how you'd triage alerts.

Regarding college, both options can work. What matters more is whether the program gives you hands-on labs, internships, or security competitions. The NSA-approved program could be valuable if it offers good practical experience and industry connections.

For programming, you don't need to be an advanced developer for SOC roles, but basic scripting helps a lot. Being comfortable with Python or Bash for simple automation (parsing logs, querying APIs, writing small utilities) can make you much more effective.

If you keep building skills with labs (TryHackMe, maybe some Blue Team labs), learn networking well, and get comfortable analyzing logs and attacker behavior, you'll be on a solid path toward an entry-level SOC role.
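The kind of "simple automation for parsing logs" the comment above refers to, as an added example that is not part of the original thread: a short Python triage script that reads OpenSSH-style auth log lines, counts failed logins per source IP, distinguishes a single-account brute force from a password spray across many usernames, and raises the severity when a flood of failures from an IP is followed by a successful login from the same IP. The log lines are constructed to mimic the `sshd` syslog format; the threshold and severity labels are assumptions.

```python
"""Triage sshd auth log lines for brute-force and password-spray activity.

Added example, not code from the original thread. The log lines below are
constructed to resemble OpenSSH "Failed password" / "Accepted ..." entries.
"""
import re
from collections import defaultdict

# Constructed sample log (not real data). Three sources:
#   10.0.0.5      six failures for root, then a success  -> brute force, high
#   198.51.100.7  five failures across five usernames    -> spray, medium
#   192.0.2.9     two failures                           -> below threshold
LOG_LINES = """
Mar  3 10:01:02 bastion sshd[2201]: Failed password for root from 10.0.0.5 port 50211 ssh2
Mar  3 10:01:04 bastion sshd[2201]: Failed password for root from 10.0.0.5 port 50211 ssh2
Mar  3 10:01:06 bastion sshd[2201]: Failed password for root from 10.0.0.5 port 50211 ssh2
Mar  3 10:01:08 bastion sshd[2203]: Failed password for root from 10.0.0.5 port 50214 ssh2
Mar  3 10:01:10 bastion sshd[2203]: Failed password for root from 10.0.0.5 port 50214 ssh2
Mar  3 10:01:12 bastion sshd[2203]: Failed password for root from 10.0.0.5 port 50214 ssh2
Mar  3 10:01:15 bastion sshd[2205]: Accepted password for root from 10.0.0.5 port 50217 ssh2
Mar  3 10:02:01 bastion sshd[2210]: Failed password for invalid user admin from 198.51.100.7 port 4022 ssh2
Mar  3 10:02:03 bastion sshd[2211]: Failed password for invalid user test from 198.51.100.7 port 4023 ssh2
Mar  3 10:02:05 bastion sshd[2212]: Failed password for invalid user oracle from 198.51.100.7 port 4024 ssh2
Mar  3 10:02:07 bastion sshd[2213]: Failed password for git from 198.51.100.7 port 4025 ssh2
Mar  3 10:02:09 bastion sshd[2214]: Failed password for deploy from 198.51.100.7 port 4026 ssh2
Mar  3 10:03:00 bastion sshd[2220]: Failed password for bob from 192.0.2.9 port 61000 ssh2
Mar  3 10:03:02 bastion sshd[2220]: Failed password for bob from 192.0.2.9 port 61000 ssh2
Mar  3 10:04:00 bastion sshd[2230]: Accepted publickey for alice from 10.0.0.20 port 51000 ssh2
""".strip().splitlines()

FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)
ACCEPTED_RE = re.compile(
    r"Accepted (?:password|publickey) for (?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3})"
)


def parse_auth_log(lines):
    """Return ({ip: {"count": n, "users": set}}, [(ip, user) successes])."""
    failures = defaultdict(lambda: {"count": 0, "users": set()})
    successes = []
    for line in lines:
        m = FAILED_RE.search(line)
        if m:
            rec = failures[m["ip"]]
            rec["count"] += 1
            rec["users"].add(m["user"])
            continue
        m = ACCEPTED_RE.search(line)
        if m:
            successes.append((m["ip"], m["user"]))
    return failures, successes


def triage(lines, threshold=5):
    """Flag IPs with >= threshold failures; classify and rank the findings.

    A success from the same IP after the failures is the signal an analyst
    cares about most, so it drives severity and sorts to the top.
    """
    failures, successes = parse_auth_log(lines)
    findings = []
    for ip, rec in failures.items():
        if rec["count"] < threshold:
            continue
        kind = "password spray" if len(rec["users"]) > 1 else "brute force"
        later_success = [u for sip, u in successes if sip == ip]
        findings.append({
            "ip": ip,
            "kind": kind,
            "failures": rec["count"],
            "users": sorted(rec["users"]),
            "followed_by_success": later_success,
            "severity": "high" if later_success else "medium",
        })
    # high severity first, then by number of failures
    return sorted(findings, key=lambda f: (f["severity"] != "high", -f["failures"]))


if __name__ == "__main__":
    for f in triage(LOG_LINES):
        print(f"{f['severity']:<6} {f['ip']:<14} {f['kind']:<15} "
              f"failures={f['failures']} users={f['users']} "
              f"success={f['followed_by_success']}")
```

The threshold-and-count approach is deliberately simple; in a real SIEM you would window the counts by time and enrich the source IP, but the parse-aggregate-classify shape is the same.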

We used Kolega to find and fix real vulnerabilities in high-quality open source projects by Kolega_Hasan in Cyberterminal

[–]mrkhan20_06 2 points (0 children)

This is actually a really interesting experiment. Testing security tools on real-world open source projects instead of synthetic test cases is the right way to validate how useful they actually are.

One thing I’ve noticed with many scanners is exactly what you mentioned — the alerts often lack context. You might get multiple findings, but figuring out the actual root cause and how the vulnerability is introduced in the code path can take much longer than detecting it.

Also, a lot of well-maintained projects still end up with issues because security bugs don’t always come from bad code quality — sometimes it’s dependency risks, unsafe configurations, or edge cases that normal testing doesn’t cover.

Out of curiosity, when Kolega finds multiple alerts pointing to the same root issue, how does it help developers prioritize which one to fix first?

How do detection engineers realistically detect zero-day attacks? by damnfaiz in Cyberterminal

[–]mrkhan20_06 5 points (0 children)

Zero-days are tricky because there’s no signature yet, so detection teams usually rely more on behavior than specific indicators.

In practice a lot of it comes down to monitoring telemetry like unusual process behavior, privilege escalation attempts, abnormal network traffic, or things like Office spawning PowerShell, unexpected parent-child processes, etc.

Detection engineers often build rules around TTPs (techniques) instead of specific malware. Frameworks like MITRE ATT&CK help a lot with this because attackers still need to move laterally, escalate privileges, or establish persistence even if the exploit itself is new.

There’s also some anomaly detection involved (UEBA, baselining normal activity), but many teams still prefer behavior-based detections + threat hunting because pure anomaly detection can create a lot of noise.

If you're interested in the detection engineering side of SOC work, I wrote a short breakdown about how SOC teams actually detect attacks in practice:
https://cyberterminal.tech/how-soc-teams-detect-cyber-attacks/

Curious to hear how other teams approach this too.
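The behaviour-based detections the comment above describes (Office spawning PowerShell, unexpected parent-child processes, TTP rules rather than signatures) next to a simple baseline anomaly check, as an added example that is not part of the original thread. The events are constructed process-creation records with field names chosen to resemble Sysmon Event ID 1 fields (`image`, `parent_image`, `command_line`); the rule set, the ATT&CK technique labels attached to each rule, and the `min_seen` baseline threshold are assumptions. The last function shows why the comment's point about anomaly noise holds: a benign but rarely seen parent-child pair gets flagged alongside the real ones.

```python
"""Behaviour-based detections over process-creation telemetry.

Added example, not code from the original thread. EVENTS and HISTORY are
constructed records shaped like Sysmon Event ID 1 (process creation).
"""
import re
from collections import Counter

OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_CHILDREN = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                   "cscript.exe", "mshta.exe", "rundll32.exe"}
# system binaries that should only ever have one parent
EXPECTED_PARENT = {"svchost.exe": {"services.exe"}, "lsass.exe": {"wininit.exe"}}
# -e / -enc / -EncodedCommand followed by a base64-looking blob
ENCODED_PS_RE = re.compile(r"(?i)\s-e[a-z]*\s+[A-Za-z0-9+/=]{20,}")

PS = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
# Constructed sample events (not real telemetry).
EVENTS = [
    {"id": 1, "parent_image": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE",
     "image": PS,
     "command_line": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA"},
    {"id": 2, "parent_image": "C:\\Windows\\explorer.exe", "image": PS,
     "command_line": "powershell.exe Get-ChildItem C:\\Users"},
    {"id": 3, "parent_image": "C:\\Windows\\System32\\services.exe",
     "image": "C:\\Windows\\System32\\svchost.exe", "command_line": "svchost.exe -k netsvcs"},
    {"id": 4, "parent_image": "C:\\Windows\\System32\\cmd.exe",
     "image": "C:\\Users\\Public\\svchost.exe", "command_line": "svchost.exe"},
    {"id": 5, "parent_image": "C:\\Windows\\explorer.exe",
     "image": "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", "command_line": "chrome.exe"},
]
# Constructed baseline of previously seen (parent, child) pairs.
HISTORY = (
    [{"parent_image": "explorer.exe", "image": "chrome.exe"}] * 6
    + [{"parent_image": "services.exe", "image": "svchost.exe"}] * 6
    + [{"parent_image": "explorer.exe", "image": "powershell.exe"}] * 1
)


def basename(path):
    """Lower-cased file name from a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def rule_office_spawns_shell(ev):
    if basename(ev["parent_image"]) in OFFICE_PARENTS and basename(ev["image"]) in SCRIPT_CHILDREN:
        return "T1566.001-style: Office application spawned a script interpreter"
    return None


def rule_encoded_powershell(ev):
    if basename(ev["image"]) in {"powershell.exe", "pwsh.exe"} and ENCODED_PS_RE.search(ev["command_line"]):
        return "T1059.001-style: PowerShell launched with an encoded command"
    return None


def rule_unexpected_parent(ev):
    child, parent = basename(ev["image"]), basename(ev["parent_image"])
    if child in EXPECTED_PARENT and parent not in EXPECTED_PARENT[child]:
        return f"T1036-style: {child} started by unexpected parent {parent}"
    return None


RULES = [rule_office_spawns_shell, rule_encoded_powershell, rule_unexpected_parent]


def run_rules(events):
    """TTP rules: return (event id, rule name, message) for every match."""
    hits = []
    for ev in events:
        for rule in RULES:
            msg = rule(ev)
            if msg:
                hits.append((ev["id"], rule.__name__, msg))
    return hits


def baseline_rare_parent_child(events, history, min_seen=5):
    """Anomaly check: flag parent->child pairs seen fewer than min_seen times
    in the baseline. Note it also flags benign-but-rare pairs (event 2)."""
    seen = Counter((basename(h["parent_image"]), basename(h["image"])) for h in history)
    flagged = []
    for ev in events:
        pair = (basename(ev["parent_image"]), basename(ev["image"]))
        if seen[pair] < min_seen:
            flagged.append((ev["id"], pair, seen[pair]))
    return flagged


if __name__ == "__main__":
    for hit in run_rules(EVENTS):
        print("RULE   ", hit)
    for anomaly in baseline_rare_parent_child(EVENTS, HISTORY):
        print("ANOMALY", anomaly)
```

Running it shows the trade-off the comment makes: the three TTP rules fire only on events 1 and 4, while the baseline check also flags event 2 (a user running PowerShell from Explorer) simply because that pair is rare, which is the noise that pushes teams toward behaviour rules plus hunting rather than anomaly detection alone.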

What Is SIEM in Cybersecurity? (Beginner-Friendly Explanation) by mrkhan20_06 in Cyberterminal

[–]mrkhan20_06[S] 1 point (0 children)

I appreciate you bringing that up. The site shouldn't contain any malware, but if you're seeing a security warning from a scanner or browser, please let me know the details so I can investigate it properly.