Where do you learn your security stuff?

I've been in the IT world for a few years now. I've basically learned everything from work experience. But the people here aren't the brightest. I would imagine there are some really good podcasts or blogs somewhere for security. I want to learn more. I want to make my own personal stuff more secure. I'm talking firewalls, VPNs, the latest hacks. I'm pretty much coming from some basic knowledge of managing a domain, VMware, and SQL. I was a consumer level technician for a few years so I've got your typical laptop/desktop hardware/software stuff down nicely.

So yea, please share some good podcasts or sites!

1 Like

Books... are pretty good sauce: Hackers Playbook 2, RTFM (Red Team Field Manual), BTFM (Blue Team Field Manual), Twitter (yes, twitter.. the infosec comunity is very active there), BlackHat, Defcon, CCC, Hak5, ...

4 Likes

interesting, I was hoping to do as much as I can without spending any money at first. but books aren't that bad so hopefully I can grab some of those soon

I'll have to give those books a look-see. I just got out of a network security degree program, and I feel like I know nothing.

Lynda.com is pretty good if you have a subscription

1 Like

I fell your pain.

CIA.. Apparently that's all you need to know, its everywhere xD

Seriously though, probably a mix of sources, hands on, books, learning (formal or otherwise), internet, learning from other people.

1 Like

Security Now is a weekly podcast that covers all kinds of issues and tools. Schneier on Security is a useful blog. Neither of these will give you the in-depth training of books, but can point you down useful avenues and help keep you up to speed. I'm on my phone, but will post links when back at the pc.

I'm trying to put together a modest security blog-wiki thing for the community, as I'm seeing a lot of security-related questions, and it would be nice to have a more permanent place to aggregate all of this useful information. Keep an eye out for it in the next few days, and please consider contributing.

EDIT: Added links.

2 Likes

Udemy.com courses. Wait until they go on sale for like $30 and pick up some interesting video courses that are 10+ hours.

I've found just using youtube channels like hak5 to expand my knowledge has helped. The internet is a good resource to learn things like metasploit, just by using things like youtube.

1 Like

Pluralsight has probably everything you can think of, but is expensive. You need to have a monthly subscription.

Something may be in the works for a wiki type place for tek syndicate. Its being discussed, A security related wiki is a nice idea.

Its well worth signing up to the crypto-gram newsletter. https://www.schneier.com/crypto-gram/

Once monthly, it has a good spread of security related news, and well written, not just links.

I learned a ton by hanging out with the IT teaches at my community college over the summer.