I need it.
Thats it. Exciting post right?
Thursday, January 7, 2010
Wednesday, January 6, 2010
Stay current or die
The first thing I noticed in the field of tech in general and Infosec is no exception, you MUST stay current or else.
First thing you need to realize is that 99.99% of the information is free. There are plenty of people that give back by posting their data, research, or just what they are working on for free. If your paying for your information your doing it wrong.
Start with http://reader.google.com and search for security related feeds. Get a lot and just remove the ones that hold 0 interest for you. This will help you realize what in InfoSec really interests you. You will soon find that you can't be a 'Rock Star' in all things security all of the time.
Another excelent source of information are free Podcasts. In this day in age everyone has someway of getting content and a device to play it on. Most people will have a ride to work or some other means of free time that they could listen to a pod cast.
There are a few good security ones out there:
Exotic Liability
Security Justice
Pauldotcom (biased opinion)
Network Security
Amazingly to me some people like Security Now! a cleverly designed cure for insomnia and nothing more than a vehicle for 30 min comercials on what ever Leo Leporte is pushing this month and Steve Gibsons Spinrite 6 *yawn* but they have a following, and my thoughts are just that my thoughts. Your taste I am sure differ from mine.
As a nice off shoot I suggest the Social-Engineering.org podcast. Its related but very specific on how to work with people to get information your looking for.
Through these methods you will learn who the "Rock Stars" are and they all have some presence on the myriad of social media sites that you can follow them and see what is going on in the industry.
My final suggestion is the one that is NOT free not by a long shot. That is to attend various Security based conferences or Cons. The big one is the Black Hat / Defcon extraviganza in Las Vegas every summer. Then from there you can find smaller more local events... such as SchmooCon in Washington DC, and this year QuahogCon in beautiful RI (again kinda biased as I sit next to the creator) Thoes are the three I will be attending for the first time this year so I can't yet speak to the quality but easy to find other peoples opinions on them. I will post soon after I attend them my thoughts.
again these are some of the methods I used to stay current on events in the infosec world and wrong, right or indifferent its what I did. This blog is not intended to just be a push type of thing where I force out my thoughts as law. I am always looking for suggestions or flat out criticism.
First thing you need to realize is that 99.99% of the information is free. There are plenty of people that give back by posting their data, research, or just what they are working on for free. If your paying for your information your doing it wrong.
Start with http://reader.google.com and search for security related feeds. Get a lot and just remove the ones that hold 0 interest for you. This will help you realize what in InfoSec really interests you. You will soon find that you can't be a 'Rock Star' in all things security all of the time.
Another excelent source of information are free Podcasts. In this day in age everyone has someway of getting content and a device to play it on. Most people will have a ride to work or some other means of free time that they could listen to a pod cast.
There are a few good security ones out there:
Exotic Liability
Security Justice
Pauldotcom (biased opinion)
Network Security
Amazingly to me some people like Security Now! a cleverly designed cure for insomnia and nothing more than a vehicle for 30 min comercials on what ever Leo Leporte is pushing this month and Steve Gibsons Spinrite 6 *yawn* but they have a following, and my thoughts are just that my thoughts. Your taste I am sure differ from mine.
As a nice off shoot I suggest the Social-Engineering.org podcast. Its related but very specific on how to work with people to get information your looking for.
Through these methods you will learn who the "Rock Stars" are and they all have some presence on the myriad of social media sites that you can follow them and see what is going on in the industry.
My final suggestion is the one that is NOT free not by a long shot. That is to attend various Security based conferences or Cons. The big one is the Black Hat / Defcon extraviganza in Las Vegas every summer. Then from there you can find smaller more local events... such as SchmooCon in Washington DC, and this year QuahogCon in beautiful RI (again kinda biased as I sit next to the creator) Thoes are the three I will be attending for the first time this year so I can't yet speak to the quality but easy to find other peoples opinions on them. I will post soon after I attend them my thoughts.
again these are some of the methods I used to stay current on events in the infosec world and wrong, right or indifferent its what I did. This blog is not intended to just be a push type of thing where I force out my thoughts as law. I am always looking for suggestions or flat out criticism.
Tuesday, January 5, 2010
In the begning
So why create this page well for one its free and I am sure that means the security sucks. Second to help keep me honest. My intention is to chronicle my work towards not being a sec-n00b.
I realized in working with Larry from the Pauldotcom security podcast that I am as the title states. I am really just a systems administrator that works on IDS / IPS platforms and nothing more.
So part of my 2010 resolutions / goals I want to work towards becoming more in the Information Security field and there by improving my quality of work.
So this space exsists to keep me honest and I can look back and say I haven't posted in X number of days perhaps I should do something.
I realized in working with Larry from the Pauldotcom security podcast that I am as the title states. I am really just a systems administrator that works on IDS / IPS platforms and nothing more.
So part of my 2010 resolutions / goals I want to work towards becoming more in the Information Security field and there by improving my quality of work.
So this space exsists to keep me honest and I can look back and say I haven't posted in X number of days perhaps I should do something.
Hello World!
That is it... Hello world its usually the first program you write is display some simple chars on a screen. So to that end that is all I am doing here is starting out on one of my 2010 projects.
Subscribe to:
Posts (Atom)