Learning real Information Security

Hello readers, how are you? Yesterday, a friend (Arthur) requested an honest opinion about working in IT Security, so a few points follow:

  1. There are five interesting areas in IT Security which you could choose:
    1. Hacking
    2. Digital Forensics
    3. Software Exploitation
    4. Memory Forensics
    5. Malware Analysis
  2. Hacking is the best-known area, and it is where we find most offensive IT Security professionals. It is necessary to learn and study many concepts about infrastructure and operating system internals. Additionally, it is advisable to learn languages such as C and Python, for example. Doubtless, it is the most famous security area and there are many things to learn.
  3. Digital Forensics is a well-known area (do you remember the CSI series?) that is focused on examining network and disk clues to try to prove either a malware infection or an intrusion. It is the fundamental area of Forensic Analysis and you need to learn detailed concepts about Windows, Linux and Mac internals (much more than in Hacking) before beginning. Moreover, it is recommended to learn languages such as Python and Perl. In my opinion, it’s a fascinating area.
  4. Software Exploitation is an extension of Hacking where you learn how to find flaws in programs (buffer overflow and heap overflow, for example) and write your own exploit, so it is hugely different from simple Hacking, where 99% of guys only know how to use tools. Furthermore, you are required to learn Assembly, C language, Python and Perl, and to know about Windows and Linux internals. Doubtless, the learning curve is too steep.
  5. Memory Forensic Analysis is a natural continuation of Digital Forensic Analysis, but you need to delve into very detailed structures on Windows to be able to perform precise and effective analysis. Unfortunately, almost everybody believes that learning a cool tool is enough (a thousand miles away from the truth) and these professionals will NEVER understand Memory Analysis. Usually, you have to learn everything about Windows, Mac and Linux internals, and have a very good knowledge of Security in general. This can be a challenging area.
  6. Malware Analysis is the most challenging area (by far) in IT Security because you need to learn Assembly, C, Python, debuggers, disassemblers, Windows internals, Reverse Engineering, processor internals and several types of anti-forensics techniques. You will spend countless nights studying and practicing your analysis. Moreover, all the usual rules are bent by malware authors, so sometimes there is little hope and no solution on the horizon.

Becoming a real hacker means walking a very long and complicated road. Unlike other areas (Backup, Virtualization, Programming, Databases, Switches, Routers, Cloud, and so on), in IT Security you are NOT limited by either a product or a brand. There are no borders. Everything is interleaved and we are obliged to learn each detail to understand the whole scenario. For example, I have heard professionals who say they work as Malware Analysts, but when I start to explain the material they realize that their knowledge is not so complete. Additionally, other professionals like working in IT Security Management and I think it is a very nice area, but it is not really IT Security. They are NOT hackers.

Thus, if you like working for a specific brand / product, IT Security is NOT for you. True hackers learn the necessary things with their colleagues and everything else they learn alone. The concern is not exclusively with certifications (yes, they are still important), but with learning something new every time, even if it takes a long time and you face serious problems to get it.

In Brazil, there are excellent companies where you can work with Hacking and Digital Forensics, but your options will quickly narrow when learning the other three areas because most Brazilian companies are still not prepared to hire this kind of professional. Nonetheless, if you are looking for jobs in the USA then all doors are open to you because there are many opportunities to work as a Malware Analyst, for example. In my personal opinion, these areas will attract outstanding interest in Brazil in the near future, and whoever starts to learn them will have a competitive advantage.

Is it worth learning the areas above? Yes, it is. Definitely, the bigger the challenge, the bigger the prize. However, it is my duty to alert you that thoroughly learning security requires a huge and endless effort. I can assure you that you will be frustrated several times during your study and that for at least the first two years you will be lost without a direction. In the end, everything will be rewarding and, in particular, I can mention that:

  1. It’s possible to provide consulting services in hunting and analyzing malware for private companies and earn outstanding money.
  2. Certainly, it is very rewarding to be able to know security at this very special level of detail.

My friends, you should not be deceived: security (at this level) is the most brutal and hardest area in Information Technology. You will NEVER stop studying and, as I have been doing every single day for many years, soon you will be studying several hours per day. Darkness, suffering, pain and anguish are coming, literally. This is only for the strong.

Finally, it is appropriate to remember the statement from John Milton in “Paradise Lost” (1667), quoted by Morgan Freeman in the movie “Seven” (1995):

“Long is the way and hard, that out of Hell leads up to light…”

Have a nice day and, if you liked this text, please share it.

Alexandre Borges.

(LinkedIn: http://www.linkedin.com/in/aleborges and twitter: @ale_sp_brazil).
