There are a whole bunch of articles outlining the talent gap in security related positions. More and more jobs require IT skills and IT systems are more and more integrated in all areas of our life with an dramatic increase of open positions in security and privacy.
People living in areas like SF / silicon valley, New York or Zurich can find easily new jobs within days, but those locations are also very expensive and some companies can not hire there.
There is a good opportunity to fight the talent gap: hiring remote
This post is not to outline the benefits of shortcomings of working / hiring remote but the fact that it is very hard for candidates to find companies welcoming remote security minded people.
On the other side, companies have a hard job, market themselves against the big brands to attract remote people.
That combined is the reason I created yet another list on github, called companies-hiring-security-remote. It is a curated list and open for issues / pull requests to act as a platform for job seeking people and companies to give them a little more visibility.
I really hope that this will help people and I am happy to receive feedback.
As you might know, I love to combine several OpenSource tools to get things done. One thing I wanted to play for some weeks is Autotimeliner by Andrea Fortuna.This tool is made to extract events from an Memory Image to combine it into a timeline. If you have a timeline, what comes next? Of course, putting it into Timesketch. So let’s give it a try.
We start with a memory dump from a Stuxnet infection from https://github.com/ganboing/malwarecookbook. Download the four files, extract them and you are good to go.
Prerequisites
Volatility
Installation is pretty easy, install Volatility either via pre-compiled binary or install it manually, see the Volatility installation wiki for further information.
From the CSV that was generated, use your favourite tool to extract the first column of the csv which should look like that:
Date
Tue Oct 20 2009 12:08:04
Tue Oct 20 2009 12:08:04
Tue Oct 20 2009 12:08:06
Tue Oct 20 2009 12:08:06
Tue Oct 20 2009 12:08:06
Tue Oct 20 2009 12:08:06
Tue Oct 20 2009 12:08:06
Tue Oct 20 2009 12:08:06
Tue Oct 20 2009 21:21:26
Wed Oct 21 2009 00:02:28
One of the most frequent questions I get asked by my students: What books should I read if I want to work in Cyber Security?
So I reviewed what I have read so far, talked to colleagues I trust to conduct the following list (as I have a lot of german readers, there is always a link to the german and the english version). The list is a mixture of educational books as well as books that will give an idea about mindset of hackers, defenders and other players in that field.
If you have other recommendations, opinions or comments, I would highly appreciate every feedback in the comments below.
I will try to update the post on a regular base as new trends are coming up e.g. machine learning, AI or blockchain (but I do not see any must-read-books in that areas).
It is fair to say, it is not the only way into the security area, a good amount of people learned by blogs, twitter, youtube and such and there is nothing wrong with it, it is quite the opposite, as the pace of change is so fast, it is hard to keep books up to date.
Every item has links to amazon.com, if you happen to buy the book using the links you support the blog, thank you for that.
1. The Art of War
by Sun Tzu
A relative short (and cheap) book that teaches various aspects of war that most experts agree can also be applied to cyber security. To be honest, there are also a good amount of people who think Art of war is not as important, so read it and make your own opinion.
At least it will be a good ice breaker for networking.
2. Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker
by Kevin Mitnick
This was the first security related book I read after attending a conference talk of the author Kevin Mitnick. It is fair to say he is one of the most known hackers and reading his stories gives the reader first hand access to the mind and motivation of a hacker. The book is also very good to read.
4. Practical Malware Analysis: A Hands-On Guide to Dissecting Malicious Software
by Michael Sikorski
Reading that book will equip you with all concepts and skills to analyse malicious files. This is even a very good skill if your goal is not to become the top notch malware reverse engineer, but the concepts outlined in the book will help to understand weaponizing files to target systems or users.
5. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon by Kim Zetter
This book covers the maybe most prominent cyber security attack in history: Stuxnet. To understand motivation of companies to invest money in cyber security, knowing and trying to understand the Stuxnet case is so helpful and Kim Zetters book is the best to do so.
This list would be incomplete without at least one book covering the offensive aspect of cyber security professionals: red teaming. Even if you do not want to be payed to hack into companies, it is good to know what the people getting paid to hack into companies have read without a doubt.
7. Crafting the InfoSec Playbook: Security Monitoring and Incident Response Master Plan
by Jeff Bollinger, Brandon Enright, Matthew Valites
Legendary book outlining how to ramp up an Incident Response Plan to defend a network. If your goal is to go into red teaming, read that book to understand how defenders work.
10: Computer Incident Response and Product Security
by Damir Rajnovic
Damir „Gaus“ Rajnovic created the standard to read to set up an Computer Security Incident Response Team (CSIRT / CIRT / CERT / CSIRT) or a Product Security Incident Response Team (P-SIRT).
11: Applied Cryptography: Protocols, Algorithms and Source Code in C
by Bruce Schneier
A top x list in Cyber Security without a book from Bruce Schneier is not worth to listen to. Bruce Schneier is the rockstar in the area and his book the go to for cryptography.
You need to understand how to write secure code. Without that know how it is way harder to argue on basic security principles. This book is bootcamp for that purpose.
Bonus: The Ultimate Hitchhiker’s Guide to the Galaxy
by Douglas Adams
When asking friends for opinions and recommendations for that list, the ultimate hitchhiker’s guide to the Galaxy was mentioned „because no security professional will take you seriously if you haven’t read it“ – nothing to add here.
You might have discovered, it is not yet 15 books, I am still on the journey to discover the remaining bricks. But rather prefer to let people read less books that have a big impact than more books with some that might not be the same caliber.
Have fun with reading.
(This post is inspired by 15 Must Read Books if You Want to Work on Wall Street)