What does a Cyber Security Operations Analyst do?
HTML-код
- Опубликовано: 30 июн 2024
- In this video I explain the different types of Cyber Security Operations Analyst and what certification you can do to become one!
Link for Free Splunk training:
education.splunk.com/free
eLearnSecurity eJPT:
get.ine.com/eJPT
eLearnSecurity Certified Incident Responder (eCIR)
get.ine.com/eCIR
Note: I may earn a small commission for any purchase through the links above
Thank you so much UG! No video on YT paints a clearer picture of the jobs. Your insights are really great!
Thank you so much for your kind words! I really appreciate this support, it helps a lot!
The specificity and distinction in roles,is much appreciated.Thankyou for sharing.
my pleasure!
Best cyber security advice I’ve heard out of these other RUclipsrs
Thanks Kofi, appreciate your kind words 🙏🏻
Thanks for the great insight into this role. Please do more videos on the other roles in cybersecurity? I'm very interested in the different types of positions in cybersecurity and want to know more
Hi Arham, I have a whole playlist of videos that talk about different specialisations, watch it here: Cyber Security Specialisations
ruclips.net/p/PLdI5VHN89i7XgaT-dWsthpAKOmjAF3gCR
Wow you just demystified every wrong assumption I made about what those roles actually are and what they do. Thanks for the valuable info about the tools. I will definitely look into those as they are very interesting to me.
awesome, good luck!
@@UnixGuy I just realised that my one of my home servers is becoming security centric. Nessus, openvas, autopsy, alienvault. It's nice to be able to generated your own data and analyse it. Rather than just watching a video. Cheers
@@viq234 100%, keep practicing with these tools and add them to your CV ;)
Hey I just started watching your videos. You have a nice calm demeanor for explaining things and you explain them very thoroughly.
I have my sec+ and have been working as a security analyst for about a year. I do lots of different things - manage a SIEM, M365 Security Center, IAM processes, Phishing campaigns, policies, etc.
Finding vulnerabilities and explaining to the infrastructure team how to patch vulnerabilities is cool, but I really want to get more hands-on and work on patching the vulnerabilities myself.
Would you be able to share any insights on the knowledge gaps that can show up between security analysts and security engineers? What should a security engineer know that a security analyst would not be expected to know? How would someone like myself make a smooth transition from analyst to engineer?
hey mate thanks for your kind words!
I think you’re off to a great start in cyber security, your role is generic enough that you can pivot to pretty much anything
As for patching the vulenrability, it’s not a specialty on its own, its literally just installing updates or some config changes here and there. Not something that I recommend you to work on and its something thats usually done by windows/systems engineers not security people.
If you want to expand your skills more, time to do some practical hands-on certifications that will be both challenge and open your horizon to what else is available to do. Try the certs I talk about here. specially the Blue team cert:
ruclips.net/user/shortsl_y7DsJl29w?feature=share
@@UnixGuy Wow thank you so much your quick and thoughtful reply!
It has been somewhat challenging understanding the complexities of how each role interacts with other roles especially being so new. But it's also very interesting to see the wide range of possibilities for what people can do in IT.
Just checked out that video you linked. I didn't even know that you could get certifications in Splunk! My manager was talking about potentially trying Splunk out down the road vs. what we are currently using so I will see if the company I work for will pay for me to get that and BTL1.
Thank you again for your insights. I can tell that you care about people. You've got yourself a new subscriber!
@@AnyLastWords_ no worries at all! exciting times ahead for you, you can build an entire career on Splunk alone, go explore and have fun!
Fantastic video! Thanks for your help.
🫡 this is an updated version of this video:
ruclips.net/video/DRJic8vCodE/видео.html
Really enjoying your new uploads mate.. keep it up :)
Thanke Shrawan, haven’t seen your name in a while, was wondering what you were up to :)
@@UnixGuy Thank you for remembering me :). I always watch all your uploads when I get the notification. I was kind of distracted past few months so paused by studies. But now thanks to your new uploads I'm again motivated to start studying for my Security+ . Hopefully will get the cert within the next three months.
@@ShrawanRegmi good on you mate! so many free resources online for security+, if you put your mind to it you can finish it in 4 weeks
@@UnixGuy thank you..I'll certainly try. And please keep uploading so that I get my motivation refills lol
@@ShrawanRegmi haha good luck!
Than you! This really helps me so much will start in July for cybersecurity
good luck! I have an updated version of this video here:
ruclips.net/video/DRJic8vCodE/видео.html
@@UnixGuy Awesome thanks
Very informative. Bless you
🙏🏻
Great video. Thanks for sharing.
🫡
Solid advise thank you
you’re welcome Ibrahim! I made a shorter version focused on certs:
ruclips.net/user/shortsl_y7DsJl29w?feature=share
Hello Sir, yours videos are great and consists of real and practical answers. Actually I'm a CS undergraduate student and this is my 2nd year. But, I'm more interested in cybersecurity. I know how to install linux and basic commands and basic networking also but I don't know what to do next. Could you guide me as a beginner what to do now???
hey mate, there are many things you can do. You can study for security+ or even eJPT. This video contains few suggestions to gain some experience:
ruclips.net/video/GPmVphOqSGY/видео.html
compTIA sec+
compTIA Cysa
Microsoft SC-200 (AZ900 if you want to learn the cloud fundamentals and SC900 for compliance and identity)
then SC100 (cyber architect)
then AZ500 (azure security engineer)
merk these courses and training and youll be in a serious game of making money.
great content
cheers
Great content as always. In your opinion, is it necessary for one who already has CISMP to go for comptia security +.
If you’re referring to ISACA CISM then there is no need to do security+ at all! You’ll benefit from picking a specialisation and cert deep into it. Here’s a playlist of cyber specialisations: Cyber Security Specialisations
ruclips.net/p/PLdI5VHN89i7XgaT-dWsthpAKOmjAF3gCR
I've been watching your videos for a while, and the honesty drove me away....for at least a week! At first it was, "OMG, it's really horrible!" A week later it was, "I can do horrible; I'm a freak!"
you find honesty ‘horrible’ ? you prefer people lie to you? 😂
@@UnixGuy No, I was thinking more of the people quitting under stress and being fired all the time, the mental illness and people leaving in droves. That kind of honesty. That sounds "horrible" for a career, but it's just reality, so you need to be prepared to avoid investment. No surprises now. Also, trust me on this, homelessness and poverty provide a laboratory of "stress" that is much worse than ANY soap opera coming out of a SOC at any time! We invented Stress in my country; just keeping a roof over your head legally is stressful in the good 'ol USA! On the other hand, a person needs to ask himself if he's already half suicidal from the rat race if he needs the stress of cyberwarfare!
@@marklampo8164 ah got ya! To be honest ‘stress’ can be very subjective, someone get stressed out for things that don’t seem stressful to others. it comes down to perspective and maturity
@@UnixGuy Good point! I'm reading the "stress" in this case among new recruits is being caused by "repetitive and boring work," which is actually the opposite of the definition of "work stress," which is unpredictability and unfairness and unpreparedness, etc. Curiouser and then some! ;-)
@@marklampo8164 yep it’s all subjective my frienf, some people like chaos and others prefer a more organised work environment :)
Listening to you can make one have the passion to be into this field but one must first check the job demand in their area. I did yesterday upon drawing my roadmap based on the first video i watched from you…. Well the demand is not quite high in my area. I ve got a loan due to graduate school degree I was never able to even find an entry level in. I don”t wanna go through that again.
Understandable, we each are in a different situation in life. However, I emphasize in my vidoes that a career change (of any kind) is not easy. It takes 3-4 yrs for someone to become a nurse for example. Im not sure why people expect cyber security to have hundreds of open entry level job that require very little - it is a process and its possible if someone puts in the work
Hey great vid! Btw you wouldnt be constantly called out of the 9to5 time right? as i understand
I did on call roster when i was doing that role
Awesome video! Im currently working on ISC2 Certified in Cybersecurity. Do you think as a beginner it is advisable to do eJPT certification before CySA+ if I plan to become a SOC analyst? I think understanding the offensive side will come in handy on the defensive side.
hey mate, eJPT is a great cert to do at any stage of your career. I’m not a huge fan of CySA+ because it’s very theoritical, instead I recommend Blue Team Level 1 cert it’s practical and will give you great skills
@@UnixGuy Thank you for the advice. I just want to say you are doing a great job. You inspire me to become someone like you, guiding lost beginners to their dream. Have a nice day! Greetings from Poland!
@@ramigiusz565 thanks for your kind words my friends, I didn’t have anyone to guide so I want to do my best to help others 🫡
I really appreciate your videos and all the info you give! I havr a question, after sec+ would you go for Cysa+ or BTL1 ? i've seen you have recommended btl1 in another video but don't know which one will help me learn more
both are solid options! i lean more towards BTL as it is practical :) both!
@@UnixGuy thanks for the response! Maybe both? Since Cysa+ is probably more in demand for the companies?
@@giuliaferraro6077 correct :)
Thanks! :)
Do you recommend online resources for Comptia or go directly with their training?
the free online resources are fine, just make sure the resources you use cover all the update to date exam objectives from CompTIA
What about the cyber incident management team? Any other common position names? They typically oversee and provide oversight of changes etc. Also they handle data breaches, look over incident reports, etc.
that sounds more like ‘incident management’ or crisis management or major incident response and usually isn’t a technical role but more of a coordination role.
Hi Unix Guy! That is all great info, thanks! I have a question regarding the Security+. I have a Masters in Networking and Cybersecurity and some general IT experience. I still find it hard to get even an interview in Cybersecurity. So..I am interested in Threat Intelligence and I am thinking to go for the CySA+, just because after an MSc I do not want to go for a beginner level cert, I even think it might look strange to someone on my CV. I have the MSc for 2 years now. What would you recommend? Thanks so much!
You’re better off doing certifications that are practical instead of CySA+ ( not because CySA+ is bad) but because the lack of cyber experience is probably whats holding you back. Start here:
ruclips.net/video/LFlsDm8w36A/видео.html
@@UnixGuy Thank you! I actually have some ongoing yes and some done during studies, I will deffo put them in my CV!
Wait so cloud computing is no longer in demand? If not what is the most in demand roles? What do u predict will be in demand in the next 10 years
I never said that? SOC analyst is the most in demand WITHIN cyber. In 10 yrs time technology will continue to evolve, choose either cyber or cloud and get good at it, the fundamentals don’t really change. Either choice is good
Hello Sir, how do you get around the experience requirements by the employer if you are applying for a SOC analyst position with certifications only and zero experience? Even the entry level / or junior SOC analyst positions they want you to have at least few years of experience. I am currently doing IAM/PAM work and would like to switch field. I understand a lot of security concepts, fundamentals, CIA triad, etc., but with zero experience as a direct involvement in SOC as a security analyst. Any advice is greatly appreciated.
Hi mate, I talked about this in this video:
ruclips.net/video/ug_ruisDUXc/видео.html
I gave you a plan to build out that experience
Bro cloud engineer vs cyber security which one you recommended as per demandable in future?
they both have great demands, so I recommend YOU love the most. If you’re not sure, do both!
I just applied for a bunch of colleges with cyber security, I'm trying finding all the jobs and trying to figure what would be best for me
good luck! exciting times :)
I am a 42-year-old Brazilian who has always loved technology, unfortunately, I let life take me in another direction and now I regret it. It is my dream to be a SOC analyst but now I feel like it's too late, it feels like it would take centuries to learn all of this. Since i got nothing i was thinking about CompTIA A+, CompTIA Network+, (CCNA), (CISSP), ITIL Foundation, AWS Certified Cloud Practitioner just to warm up xD. Please give me some advice or just say " give up" . xD
Ricardo, it’s never too late! I recommend you start studying hard today, you’ll be surprised how much you can learn/accomplish in 12 months. Please ditch the cerrifications you listed and stick to the ones I recommended in this video, the last thing u want to do is waste time on A+,N+ , CCNa and ITIL, none of those have anything to do with being a SOC analyst
@@UnixGuy Thank you very much sir
@@ricardocarvalho6248 you're welcome :)
It’s never too late! Get your Sec+ first. Things tend to be easier after that.
Nunca é tarde. Tenho 33, comecei a estudar há alguns meses e vou tirar Security+ nas próximas semanas. Fui garçom e motorista de aplicativo pelos últimos 4 anos. Não comece pelo A+ se você já tem uma boa base de tecnologia e computadores. A parte que pode pesar mais é Networking mas não se intimide e pegue firme nos estudos! Logo logo a gente chega lá! 👊
Dear UnixGuy, what do you think of the BTL1 certification? I heard it is more lab-based than the CySA+ but also not as widely recognised. Would you recommend it over CySA+? Thank you.
I heard good things about BTL1, but I haven’t got a chance to review it yet. I think you can’t go wrong with either to be honest
@@UnixGuy I just finished Security+ and planning on BTL1 but heard that it is quite challenging. Do you think I should get the eJPT and some offensive experience first?
@@primebore start with BTL1 its fine
@@UnixGuyOK thank you!
@@primebore u welcome
Are threat management and vulnerability management the same thing? I saw some Americans talking about VM area in cyber but not sure what they call it here in Australia
Vulnerability management is managing vulnerabilities on systems/endpoints/applications, usually by running a vulnerability scanner and patching those systems to ‘fix’ those weaknesses/vulnerabilities.
Threat management, is more about anticipating/detecting threats which are usually cyber attacks that comes in many forms. So we create detection rules using something like a SIEM
Thank you for the excellent reply. Which job title generally undertakes vulnerability management?
@@Lurker1130 job titles are all over the place in IT, it can be ‘security analyst’ or ‘vulnerability management analyst/specialist’
Hello! Please suggest my next step- I want to work as a SOC Analyst, and I just started work in a help desk position. I have an Associates degree in cyber security and security+ certified. Any recommendations for the next certification and how much help desk experience will be adequate to get an entry level role in cyber security? Love all your videos!❤️
Hi Lili, well done on gaining the degree and security+. Your next step is following the plan in this video, for you it will be CySA+. Then, you’ll need to talk to people in your area, apply for jobs, etc and keep doing more certs. You can also learn some Splunk.
Thank you so much for your response! I went through your video carefully, and noted all your suggestions. My question is, here in the USA, I have applied for SOC analysts jobs, Tier 1, and gotten no response at all. I have noted that mostly all say they either require, or prefer a bachelors degree, or years of experience in a SOC. I cannot get my foot in the door without an opportunity unfortunately. So I am thinking maybe finish bachelors first before Cysa+ and learn Splunk? I wish I could do both at the same time, but not possible.😅
@@lilipatel1551 yes the certifications will help. Look into doing a bachelors online with WGU, its accredited and have certifications built in
@@UnixGuy great plan!🙏🏼🤗
@@lilipatel1551 no worries - good luck Lili
Which cybersecurity job role will give you the most opportunity to work from home?
To be honest that seems to be more company dependent than role dependent! Have seen SOC analysts work 100% from home and have also seen GRC analysts do that. My recommendation is pick something you actually love and can get good at, then you can target work from home opportunities
Hello,
I’m working as cybersecurity consultant. My job is on Microsoft security like EDR, M365 defender, MDI etc. I’m analysing the alerts which come in mde. Alert investigation. I am planning to do CEH course. Can you please tell me how should I proceed in my future? Is CEH good for my profile?
CEH is not the certification that I recommend. I recommend you do the certifications that I talk about in this video instead
Do i have to be an expert in CTFs to become a SOC analyst? A lot of people advise me to do more CTFs! Is it essential?
They’re not essentials, CTFs are just good practice. What you need is knowledge of methodologies, concepts, and tools used in a SOC, all of which can be obtained through the certificationa that I laid out in the video. CTFs are for practice and ‘fun’
@sultan sms some ctf's You recommend?
I'm a Msc student in cyber security with a background in computer science and basic system administrative experience. what should be my first Entry job certificate into CS environment. SECURITY+ or ISC2 (SSCP)? I believe these are the cheap ones out there...?
Hey mate, I strongly recommend you watch this video because I answered your question in detail in the video:
ruclips.net/video/GPmVphOqSGY/видео.html
As for certifications, it depends on the QUALITY of your MSc, some students can pass CISSP with ease after their MSc because it covered all the topics.
As a generic rule, I’d say Security+ and if you find it ‘too easy’, tackle CompTIA CySA+, from there you need to choose a specialisation
@@UnixGuy thanks for your wonderful feedbacks .. Cyber security at Robert Gordon university Scotland...I would go with Security+ to help build my background since I just started my msc program..Then by the end of the program i would go for the CySA + or CISSP as you said..
@@eneokweifesinachi8840 awesome! have fun, it’s gonna be awesome!
Can u make videos about web3 smart contract auditing?
that’s a very specific topic, what do you want to know about it? what information did you find about it online so far?
How much networking knowledge is necessary for the SOC analyst role? Would basic theoretical understanding of OSI model, TCP/IP, DHCP, ARP etc. suffice? Or does one need more sophisticated knowledge like memorising the port numbers or having hands-on experience? Thanks.
that suffices and you should be able ti learn as you go. I have no idea why people obsess over ‘networking background’
@UnixGuy | Cyber Security Career As a reference, what would you say is the most difficult networking topic or concept that has to be learnt?
@@primebore none of them are hard. If you want to learn cyber security, just start. Stop obsessing over networking
@@UnixGuyI've researched online and sought opinions from many professionals, and most argue networking is very important. Just wanted to hear your thoughts. Thank you.
@@primebore i understand, best to start and find out yourself
I'm doing two this year security+ and comptiacysa+ then I will do splunk. How much time do I need ? I already have over 6years as a network technician. I wish on working remotely as a SOC.
this is an updated video, follow this roadmap please:
ruclips.net/video/DRJic8vCodE/видео.html
Hello sir:
Do you know about "Soucefire" a commercial version of Snort, is it an IDS or IPS.
Is it also possible to run IDS and IPS on the same network.
Thanks for your time
The first question you can literally type it on Google and you’ll get the answer.
The second question is yes, most commercial IPS/IDS are one in the same device (for e.g. Palo Alto next gen firewall has both funcationality)
@@UnixGuy Thanks
Hi .I am currently working firewall and paloalto pcnse certified.what I do next to move cybersecurity.or firewall is best for features job...
Start with security+ then maybe do CISSP. Watch the videos in this playlist, it has certification recommendations for each specialisation:
ruclips.net/p/PLdI5VHN89i7XgaT-dWsthpAKOmjAF3gCR
Hi,
I currently have an unconditional offer for cyber at maquarie uni, and a provisional offer for UTS.
Can you please have a look at the course content for each uni and let me know your thoughts on which is better?.
UTS is just starting a bachelor of cyber for 2023 (first time enrollments) so that's one thing to take into consideration.
Also just for the sake of asking, if you know which has a higher employment rate that would also be a big help!
Thanks, you've already helped me so much and I'm beyond thankful :)
they’re both good, I’d personally choose Macquarie
@@UnixGuy Ok thanks. I personally got unconditional Macquarie Uni offer. Bachelor of Engineering (Honours) /Information Technology. And if I major in cybersecurity in this degree, is it good? Also, I got provisional offer to study Bachelor of Computing Science (Honours) where I can also major in Cybersecurity? Which one do you recommend and why? Thanks
@@nomo6277 They are both good, I’d pick the computer science with cyber specialty, Macquaire is top notch. I made a video about them, look through my videos and watch it
@@UnixGuy Ok thanks. I also got offer for Advanced Computing (Honours) at Australian National Uni, where I can major in cybersecurity. Do you have any opinion on it? So, its better to go with the Macquarie uni > UTS. I will watch the video now. thanks
@@nomo6277 ANU is better for research if thats what you wanna do and you’ll need to live in canberra which is boring. Stick with macquarie
Hey mate, what about the BTL 1 instead CySa+ ? I have a Google IT Prossional, should i go for BTL next? Thx :)
Hi Stefan, I haven’t heard much aboit BTL to be honest so I don’t know how good they are! I can vouch for the quality of CySA+ and eLearnSecurity
@@UnixGuy okey thank you. I have a Google IT Professional, can I go for CySa+ direktly? :)
@@stefanangelov302 you can, it’ll just be a bit challenging! An alternative path that I recommend is to do CompTIA Security+ then do CySA+
@@UnixGuy thanks for your advice mate, stay safe !!!!
Do you have an opinion on the CompTIA CASP (Certified Advanced Security Practitioner)?
yes it is great! however I prefer more practical certs, I laid them out here: ruclips.net/user/shortsl_y7DsJl29w?feature=share
Hi,
I really enjoy your video because I feel you really want to help people like me; not like others that just try to sell you their products. Can I please ask your advice on the following?
I have a Cybersecurity Certificate (1 year degree) the Security+ and the CC; however, I haven't been able to land even an interview. I don't want to sit idly by and I want to get another certification hoping that it helps but I'm undecided between a cloud certification, a pentest certification or the Splunk certification. When I search for jobs in my area there is no clear winner. I am guessing that an AWS certification would be more valuable but after watching your video, I feel that Splunk will give me a bigger edge.
Thanks in advance for your feedback.
Hi Manuel
it depends on what you want to do, if you want to be a SOC analyst, then splunk certitications are excellent.
Why don’t u do all of them? the AWS cloud practioner shouldn’t take u long anyway but Splunk will probably give you the most bang for your buck
@@UnixGuy Thanks for the feedback!!! Unfortunately, I am unemployed and as much as I would like to take them all, I would like to make the next certification count.
@@chakalonzote splunk is free by the way. Watch this short video: Top 4 Certifications to become Cyber Security Analyst
ruclips.net/user/shortsl_y7DsJl29w?feature=share
@@UnixGuy I watched your short, while the training is free, the webpage is saying that it costs $135 USD to take the certification. Am I missing something? I wouldn't mind investing that money, but if I can get it for free, much better!
@@chakalonzote its true. You can always learn splunk and not do the exam until u get a job
Hello Sir! I have done my certification in CEH v11 & have about 2 years experience in AppSec. Can you please lay out a roadmap to become an SOC Analyst?
hey shreyas. the roadmap is laid out in this video, do the certificates that I recommended and you’ll be fine
Hlo bro, in which institute u finish your course
Hey there! Question- Can you make a video on malware analysis and roadmap, are there enough number of jobs?
there aren’t ‘enough’ jobs no, it’s a very niche area with small number of roles open. Find certs that teaches it and just do them
@@UnixGuy Thanks! so there are less jobs but since the field is niche it has great future. I will focus on malware analysis certs. Also, do you think automation will dominate this role? I don't think so
@@anantP-ip8op do what you think is best
Nice
🙏🏻
Cc, cysa+, Giac, SEC504 and splunk, would it be the road map? Thank you very much for your content, big hug from Argentina
hey mate, this is an old video! the roadmap you’re looking for is in this video:
ruclips.net/video/DRJic8vCodE/видео.html
@@UnixGuy With that new route, I was more lost, cysa+ is not there, I don't know. I'll look, thank you very much anyway
@@fedenfer why are you lost? I just replaced CySA+ with a more practical cert (blue team)
its essentially:
google cyber cert
then blue team
then you can specialise
@@UnixGuy ok, blue team instead of cysa+. ok friend, thank you very much for your time. hug
Hi, I am working as a soc analyst from past 2 years. I am looking for a job switch because of it's rotational working hours. Can you please suggest a job role in cybersecurity where I can use my experience and which is not required to work in rotational shifts. For that role which certificates you will recommend?
you can find a another SOC analyst in a different company that doesnt have shift work, thats the easier path.
If you want another specialisation, try this:
ruclips.net/video/s9LDWLfFOp8/видео.html
So what are the steps for Threat management and threat intelligence?
watch this:
ruclips.net/video/DRJic8vCodE/видео.html
I've been a SOC analyst for four years and trying to figure out my next step. Can you point my in the direction of career videos in my situation? Thank you.
time to diversify and add different skills:
ruclips.net/video/rz0RL4Xue-A/видео.html
Do you have a similar video for path towards cloud security?
I’ve got an older one with slightly different style:
ruclips.net/video/NGvgJKtygwo/видео.html
This one also touches one cloud (google): ruclips.net/video/jFje_WvBm-E/видео.html
I’ll create more detailed vids about cloud in the future as I think it’s a solid pathway
@@UnixGuy Thank you!
@@UnixGuy do you need python or linux to get into cyber security? not sure which one i should start with.
@@myway8950 The answer depends on the specialisation you choose. I each specialisation I specify the skills needed, this is a playlist of the specialisations that I discussed: Cyber Security Specialisations
ruclips.net/p/PLdI5VHN89i7XgaT-dWsthpAKOmjAF3gCR
I really hope I'll be able to get a SOC Analyst job only with Sec+, Net+ and some IT Support experience, I don't want to be longer than 2 years in SOC because I want to be a pentester actually, but it's extremely valuable to have an experience in Cybersecurity before going to the offensive side I believe. But for me, taking CySA+ would be going too far into the Blue Team. And on the other hand, I want to have that little experience as a SOC Analyst. So hopefully I'll be able to break into cyber without CySA+. If I realize it's being really hard to break in, then I guess I'm gonna have to end up taking the cert. 😅
hey mate, while SOC experience is good, you don’t really need it for Pentesting! The road to becoming a pentester is long as it is, I recommend you put all your time and efforts directly into Pentesting! Follow what the person I mentioned in this video did: ruclips.net/video/CePhURvdyqk/видео.html
@@UnixGuy wow! That’s good to know. Thank you! :)
@@FaLkraydz good luck :)
@@UnixGuy I'll take the Sec+ since I'm almost done studying and I already paid for the exam. But then I'll go ahead and follow your advice. I'll keep you posted. I thought about PNPT but changed my mind after an advice you gave me couple months ago, so my roadmap is gonna be Sec+>eJPT>OSCP>OSWE>OSED (All that in 3 to 4 years sounds pretty achievable to me). So I'm only thinking about eJPT and OSCP next year. If you don't mind sharing, I'd love to know your honest opinion about it, my end goal is to become a web pentester with a good exploit development skills since I like to code, which I know is not happening any time soon, it's a 3-to-4-year project.
I really appreciate the time you put in here and the attention you give to us. Once again, thank you sir.
@@FaLkraydz sounds like a solid plan to me! I would modify it and make it:
eJPT ==> OSCP ==> do your best to get a Pentesting job ==> then do any certifications or hack the box etc as you go
That shouldn’t take more than 12 months, OSCP takes 3-6 or 9 months at most, don’t let things drag for too long, and the prioritise getting a pentesting job
Where is the link for free splunk training?
I just added to the description box now
Am currently studying Cyber security Analyst on Coursera through IBM, I want to know the best operating system to use on Real life experience Lab?
hey Michael, I recommend you keep using the same OS you use whether its windows or Mac, and just use virtual machines to practice IF YOU need to, you may not need to do that anyway, depending on what you’re learning
@@UnixGuy Thanks bro
@@michaelumoinemeh8801 no worries at all
Most of the job post for soc they are asking IDS/IPS what is best course for this
That’s not true, if the job is heavy IPS/IDS then it’s probably a network security engineer job. There was a SANS course for this ( GCIA ) , and also some vendor related courses. Most people just have experience not courses when it comes to IPS
What are the courses under cybersecurity to become a professional because I don't have any background at all.
the answer is here:
ruclips.net/video/ug_ruisDUXc/видео.html
Is it possible the detection part of the SOC functions without a tool? Thanks
I don’t fully understand the question. Do you mean can a SOC function without a tool? how do you want to detect threats?
@@UnixGuy Yes. Security tools. For example: SOC engineers rely on SIEM that collects all the logs from security devices (IPS/IDS, firewalls, proxy, etc). This is also in related to your other video about whether AI can replace engineers.
@@babycutezz5665 SOC will always need tools, regardless of the underlying technology used
I just got admitted to BIT - Computer & network security as I don’t have a degree. Should I finish my degree first before certification course or I can start certification now?
Ideally get certifications now IF you can, that’s a big IF. It’ll depend on how hard your uni course is and how much time u got left
@@UnixGuy thanks for your time 🙏
@@Hotbillz my pleasure :)
Hii😍 I want ask you two questions
Do you need to be an expert to work in any field in cybersecurity especially ethical hacking
Can you work as a freelancer in this field from home?
you can work from home and as a freelancer. Ni one starts out as an expert, we all need to build out experience. This video explains the process: ruclips.net/video/GPmVphOqSGY/видео.html
also this video explains how to become and ethical hacker:
ruclips.net/video/CePhURvdyqk/видео.html
Hello, thanks for the video but it would mean alot to me if you helped answer my question. As a student finishinh highschool whats the best advice in pursuing a cyber career? Is it better to study computer science for the bachelors and then go for cyber in masters or begin straight away with cyber in bachelors and continue it to the masters level? Thanks very much and an answer from you or anyone here with some experience will be helpful
Hi, I answered your question in detail in this video:
ruclips.net/video/ys-_xQHaYAc/видео.html
@@UnixGuy thank you very much
@@muhoziarafat275 you welcome :)
@@UnixGuy one more question please, if someone has questions regarding a cyber career, is this the only way to contact you or there is another way? And also for a student at-least in my case, are there some student jobs related to cyber that one may engage him/herself in so as to have a better idea and a clear view of how cyber functions instead of sitting in classes for three or more years of studying? or if one is a beginner could we only concentrate on studying for certifications? I don’t know if my questions are clear but I hope you can find a way to answer both. Once again thanks a lot for your advice, cool and truthful videos.
@@muhoziarafat275 hey, yes comments is the best way to ask questions
try to find part time work, alternatively work through certifications to build your skills
goat
thanks 🙏🏻
Sir, I'm currently studying bca. I'm really interested in cybersecurity.if I do CEH certificate it will be worth it?
hey Umar, no CEG is a terrible investment. I recommend you start with CompTIA Security+ , and then if you’re really interested in Penetration testing then do eLearnSecurity eJPT. I talk more about pentesting here: ruclips.net/video/CePhURvdyqk/видео.html
@@UnixGuy thanks sir.
@@umar2802 you’re welcome!
Sir share with me sometime Cybersecurity tools name so I will try to learn and will help me in internship and beginning role so I can put this in my CV.
Go with the tools I talked about in this video
I am a little confused ..
idk Why in tech and cybersecurity there are so many roles that are inter-related. The responsibilities of one role also involve in other role or there are a lot of names for one role, this sucks and increases my confusion.
My question is:
You discussed 3 functions perform in a security operation center
1. DFIR
2. Threat Management
3. CTI
Are these 3 catagories are a second name to soc analysts tier1, tier2 and tier 3 or they are different.. ??
What I understood is that
SOC Analyst Tier 1 do Threat Management
SOC Analyst Tier 2 do DFIR
SOC Analyst Tier 3 do CTI
is it?
Only you can solve this confusion I researched a lot on SOC and SOC analysts and other cyber security job roles but everytime I get confused more..
hey ,
tier1/2/3 usually refer to senior rather than specialty
I discussed the SOC specialties in more detail in this more up to date video:
ruclips.net/video/DRJic8vCodE/видео.html
@UnixGuy Thank God!! Now it's crystal clear ✌🏻 You're a lifesaver. I really appreciate your fast response 😊. We need more humble people and mentors like you. I am so lucky I found your channel.
@@cybersecdefender290 🙏🏻
Boss, I am a offensive security engineer .. Oscp certified … I want to switch to SOC senior position ..incident responder dfir malware analysis
follow this:
ruclips.net/video/DRJic8vCodE/видео.html
Is these information relevant for Australia
yes! and relevant world wide too
Hi Unixguy guy,I want to be a ethical hacker,pentester i am interested in taking certifications which all certifications would you recommend from beginner to expert level!!!
Hey mate, they’re all in this video:
ruclips.net/video/OR8G_Vi5B1U/видео.html
Hello Sir, Are Cybrary SOC Analyst L1 L2 L3 enough to get job as SOC Analyst?
i’m not familiar with them. do these certs instead:
ruclips.net/user/shortsl_y7DsJl29w?feature=share
@@UnixGuy can you give a short review by having glance at these
@@UnixGuy and is it ok to do these certifications courses from resources available for free and not getting certifications coz I can't afford.
hello sir, thanks for the infromation. but I want to ask for a recommendation for a certificate that is qualified and globally recognized in the field of cyber security. In addition to the knowledge that can be applied, it is also important for certificates that are qualified and recognized throughout the world. thank u sir
for focus management risk and analys. thank u sir
I talked about risk management here, do the certs in this video:
ruclips.net/video/s9LDWLfFOp8/видео.html
Hello sir, can I be a DFIR and a threat intelligence at the same time?
different skills but you can have both if you want to
@@UnixGuy Thank you
Comptia CySa+
yes
The link of splunk is not working
ohh cheers I’ll fix it, meanwhile just type ‘free splunk training’ in google and you’ll find it
@@UnixGuy l m senior IT Analyst but l m planning to move next time to cybersecurity Threat management. What is your advice about tools to master before my interview?
@@amadoumane7600 Splunk :)
@@UnixGuy thank you so much ❤️👍🏿
@@UnixGuy l have already master: SIEM, IDS, IPS, Azure Active Directory, Cyberark, Firewall, Intune admin center, Python1.
I need a advice From You ❤️
Happy to help, I recommend watching all the videos first as you’ll fine 99% of the answers there ;)
@@UnixGuy Thank you very much for what you gave us my friend. The question is, I studied many certificates in order to acquire the skill of SOC and test lab. I studied Comptia Itf+ SEC+ NET+ CCNA CCNP I also studied operating systems MAC OS WINDOWS OS KALI LINUX and also programming languages and I am currently studying intermediate certificates such as SSCP CEH I have certificates to complete the study for these certificates. My question is, am I on the right path, and can I study the CISM CISA CISO certificates in order to strengthen my skills, and are there any certificates necessary to get a job in the field of cybersecurity because my financial capabilities do not allow me to buy certificates and thank you very much.
@@UnixGuy Thank You So much For Help Us ⭐❤️
@@redamabrouki8357 Hi Reda,
The certs you did are a good broad entry level but they’re not specific to SOC work. CEH/SSCp are also not relevant to SOC. I recommend you do the certs that I mentioned in this video as they are DIRECTLY relevant to SOC work.
@@UnixGuy Are the certificates necessary to obtain work in the field of CS, or do they require the skills or experience gained through your theoretical and practical studies of these certificates? Yes, my friend, I am going from stage to stage until professional Thanks .
Does the soc analyst job requires talk with external customers often ?
not really no
My god, all SANS everything is obscenely expensive.
try the work study program:
ruclips.net/video/bQCcv2xIh9k/видео.html
"You don't need the Sec+ for pentesting or GRC," but some people like spending money and wasting time! I see people with three certs who can't inspect a windows log or run netstat.
it’s not needed, but if someone is just starting out, sec+ might give them a gentle introduction to infosec in general
Splunk is not that good. LogRythm better. Also Microfost have their siem now.
Splunk is still the most widely used siem, but yeah it wont hurt to learn either
Can I follow you on LinkedIn sir?
Hey mate, I don’t have a public LinkedIn, best way to ask questions is through the comments section here :)
Hi. Are you there on LinkedIn. I wanted to connect with you. Kindly mention the page url here or the LinkedIn name.. Thank you.. Your videos are very helpful !!
Hi Rim, my LinkedIn is private, but if you
have further questions please leave them in the comments section and I’ll answer :)
@@UnixGuy I have joined a cyber security firm recently. I will be into consulting. I want to know what is it that I need to know and be prepared with as I need to talk to clients and consult them.. Will any course be helpful for me to understand a lot more about the certifications, Compliance and more as I am not from IT tech baground. I am into sales. Previously I was with IT service company. Doing the business dev part. Suggest accordingly
@@lifeofrim9975 that really depends on the firm, it’s best to ask your manager what your day to day tasks will be, if it’s not technical then yeah basic security training might help like comptia security+
I have a question, I’d like to start in cyber security I have previous knowledge in coding and programming stuff so I’m confused whether I should study in a university, bootcamp or self study, so I saw an advertisement about masterschool admissions they provide 6 months training after that they will help us find a job and we’re not gonna pay anything until we find a job, the fee is 15000$
I need your advise which is better self study, bootcamp or university, and if it’s self studying could you tell me where should I start, which website eccouncil, infosec, tryhackme, hack the box and there is a bunch of them.Thank you in advance
this video explains it all:
ruclips.net/video/GPmVphOqSGY/видео.html
What do you think about tryhackme?
highly recommend, I menruoned it herr:
ruclips.net/video/OR8G_Vi5B1U/видео.html