Just finished your course now getting ready start the internship and study for comptia security+. Great course man "hopefully I can help you edit this course".
I want to thank you for the level of detail in this video. Everything I found very useful. I would really like another deep dive into that home lab again.If you can find the time that would be great!!
Thanks so much! I really appreciate that. I actually did an updated Vulnerability Management Lab video where we use OpenVAS on Azure. It's being edited right now 👍
At the company I worked at, the network team prohibited the security team from performing vulnerability scanning over the wan because, as they put it, vulnerability scanning ‘clogs up the logs’ Which is obviously utter nonsense. Basically the managers on the IT security team were too chickensh!+ to push back when they should have. As a result, we had 20+ local scanning engine servers throughout the org. It was a complete management nightmare.
Lol, sounds about right. People always make these excuses as to why they can't scan, but it's usually due to some fundamental design flaw in their infrastructure lol...or something else like this that needs to be fixed.
@@JoshMadakor I strongly disagree. In our case, a fundamental design flaw in the network infrastructure is what the network team was gaslighting/bullying the security team into accepting. The real reason we didn’t scan over the WAN was strictly due to petty political and interpersonal conflicts. Truly pathetic. Thank goodness I’m no longer there.
I swear i hate dealing with vendors for the very reason you mentioned, they can never just give an actual quote 😭 They like to wait and see what your organization’s budget is so they don’t end up “lowballing” themselves.
Ive been following you channel for a while now and am interested in taking your course. I am lookin at a few options now. I have Sec + and PCI DSS training. Is this a class schedule or self paced course? Love the knowledge here!
Hey! It's self-paced labs conducted in Azure, but there is a discord with an active community with me and 1100+ students if you have questions or want to collab with others ^^
Thanks for the information it was very helpful. but I've not been able to download the first two documents. CISSP Practice questions and the CompTIA security plus practice questions. Thanks.
Those are Zero Days. One way to protect against Zero Day vulnerabilities is to minimize your attack surface as much as possible and don't use stuff that you don't need. For example, say you are running a server with old FTP server software installed, but that server doesn't even need to run FTP. Then a Zero Day comes out with an RCE capability for that version of FTP Server. You are now vulnerable. This could have been prevented by not even having the FTP software installed that you didn't need. Another way is to implement defense in depth. Even though the server is running vulnerable, outdated FTP software, it becomes less critical the more protected/isolated/segregated/segmented-away the server is, if that makes sense (vs it being on the network edge exposed to the internet). Hope this makes sense, just my 2C though, ask ChatGPT for more scenarios :)
Can you point me to a video or will you be making a video in the future about aquiring experience. Most employers are asking for 2 years exp or a Bachelors degree.
For me, the most problematic step is to provide scanner access to the assets. Then you need to take accounts for internal testing for vulnerabilities, but you just won’t get them because the administrator responsible for this is gouging and doesn’t know even half of the data from devices
I am just getting into VM in Cybersecurity with Qualys. i have a couple questions that i'd appreciate answers to. How long do you think it will take me to finish the total VM course in order to get a job. also how long does it usually take to get a job as a VM? Anyone please and thanks.
I'll make a video about this, but I would say around 300 hours to develop a good Cybersecurity Base, and another 1-200 hours practicing vulnerability management. This answer requires a lot of explaining, but you can basically watch this video, but think about applying it to vulnerability management: ruclips.net/video/7PPsufbJHhU/видео.htmlsi=NTmqTw1vcE81ubcT
If you have a non tech related bachelors degree (Psychology), do you recommend getting another bachelors degree from WGU in IT management or going straight to the masters degree in cybersecurity?
Hey! If you already have a degree, I actually strongly recommend you to get a couple certs, do some (a lot of) technical practice/labs, build your portfolio, and start applying. I'm not telling you to buy my course, but I've had MANY people with zero background get an entry-level job in like 2 months. Cyber takes a bit longer, but the principles still apply. I'd definitely check out these videos: Do you really need a Bachelor's Degree: ruclips.net/video/qYoqn6owDeI/видео.html Interview, Zero background to SOC Analyst: ruclips.net/video/bkdZcYVmPC8/видео.html
Hello , I have a bs in psychology and currently working in cyber. Started in help desk and worked my way up to cyber. I would follow Josh instructions. Get some certs and experience , after that apply to Georgia tech masters in cyber . I’m currently doing the policy concentration .
Josh do you currently have a course on this ? Or in the future see you going to give us a course in vulnerability management ? Going in depth hands on .
My course can definitely help get a better understanding of things and have something nice on your resume and help with interview, but I really have no idea about requirements and stuff like this outside of the US :(
A bit off topic question if you don't mind, I currently work in IT and been stuck between cloud and software engineering with some possible interest in AI for my future. I am considering a degree at WGU, but I am trying to decide between getting a BS/MS in IT as Ill have some of the CompTIA degrees by then and will have a faster return on investment or take the time to do the BS in computer science is that will be more versatile no matter what I want to do in tech. What are your thoughts?
Hello Josh thank you for this. I’ve just completed a Course on Cybersecurity and I’m very interested in Vulnerability Management as my path. Do you have any idea the right resource that will give me full details and preparation to be an Entry Level Vulnerability Management Analyst? And also, how can i join your discord channel? I’d really appreciate your reply 🙏🏼
I have another video where I do a lab with Nesses. You could get the latest software from there and try to set it up and run some scans. I'm going to be creating a new community which will include vulnerability management course. It's not setup yet though :)
Hi sir, I wanted to ask if vulnerability management requires coding, and their is also the talk of pci dss paying a lot of money, does that also require coding too and what do u think is the highest cybersecurity paying job out there
🔒 Josh's Hands-On Cybersecurity / SOC Analyst Training (REAL EXPERIENCE)🔒
joshmadakor.tech/cyber
please are the lesson videos
Just finished your course now getting ready start the internship and study for comptia security+. Great course man "hopefully I can help you edit this course".
Thank you for saying it! Best of luck :D
Loving the new background, TV and Plants, a vibe. Good content. Congrats at 100k. Happy to be "OG" lol.
Thank you so much 🤗. I got a new background now that's pretty good, haha. This one is more permanent :). Appreciate you!
I want to thank you for the level of detail in this video. Everything I found very useful. I would really like another deep dive into that home lab again.If you can find the time that would be great!!
Thanks so much! I really appreciate that. I actually did an updated Vulnerability Management Lab video where we use OpenVAS on Azure. It's being edited right now 👍
@@JoshMadakor Awesome!! I need to create a home lab soon. Thank you for your time
Thanks for the videos. You do a lot for the community of aspiring Cyber professionals.
Awesome..thank you so much Josh
💯 Thanks for sharing 🙏🏾
My pleasure! Thanks for watching!
As always great job
Thanks, I appreciate it!
Thank you so much. 😊
Came here to learn but your voice is something else 😊😅
At the company I worked at, the network team prohibited the security team from performing vulnerability scanning over the wan because, as they put it, vulnerability scanning ‘clogs up the logs’
Which is obviously utter nonsense.
Basically the managers on the IT security team were too chickensh!+ to push back when they should have.
As a result, we had 20+ local scanning engine servers throughout the org. It was a complete management nightmare.
Lol, sounds about right. People always make these excuses as to why they can't scan, but it's usually due to some fundamental design flaw in their infrastructure lol...or something else like this that needs to be fixed.
@@JoshMadakor I strongly disagree. In our case, a fundamental design flaw in the network infrastructure is what the network team was gaslighting/bullying the security team into accepting. The real reason we didn’t scan over the WAN was strictly due to petty political and interpersonal conflicts. Truly pathetic. Thank goodness I’m no longer there.
it was nothing to strongly disagree about, he was speaking in general @@50PullUps
Thank you!
I swear i hate dealing with vendors for the very reason you mentioned, they can never just give an actual quote 😭 They like to wait and see what your organization’s budget is so they don’t end up “lowballing” themselves.
Hi Josh. This is a very valuable and very well explained VM process video. Does your Cyber course include VM?
Ive been following you channel for a while now and am interested in taking your course. I am lookin at a few options now. I have Sec + and PCI DSS training. Is this a class schedule or self paced course? Love the knowledge here!
Hey! It's self-paced labs conducted in Azure, but there is a discord with an active community with me and 1100+ students if you have questions or want to collab with others ^^
@@JoshMadakor Thanks! That’s great! I want this but wanted to see how my current job schedule would coincide with this
How can I build my sql skills as I don't have a VM of sql but use it for work but need to learn more queries
You can use this and then click "Try it yourself" -> www.w3schools.com/sql/
Thanks for the information it was very helpful. but I've not been able to download the first two documents.
CISSP Practice questions and the CompTIA security plus practice questions. Thanks.
Ho yeah Bobby
Lmao
How are you handling vulnerabilities that does not have any patch available yet?
Those are Zero Days. One way to protect against Zero Day vulnerabilities is to minimize your attack surface as much as possible and don't use stuff that you don't need. For example, say you are running a server with old FTP server software installed, but that server doesn't even need to run FTP. Then a Zero Day comes out with an RCE capability for that version of FTP Server. You are now vulnerable. This could have been prevented by not even having the FTP software installed that you didn't need.
Another way is to implement defense in depth. Even though the server is running vulnerable, outdated FTP software, it becomes less critical the more protected/isolated/segregated/segmented-away the server is, if that makes sense (vs it being on the network edge exposed to the internet).
Hope this makes sense, just my 2C though, ask ChatGPT for more scenarios :)
Hi Josh,
You mentioned a discount code in your video. But i don't see it in the description or chat.
Can you help please.
Thanks
Oh shoot, sorry!
Discount Code: JOSH10
Can you point me to a video or will you be making a video in the future about aquiring experience. Most employers are asking for 2 years exp or a Bachelors degree.
For me, the most problematic step is to provide scanner access to the assets. Then you need to take accounts for internal testing for vulnerabilities, but you just won’t get them because the administrator responsible for this is gouging and doesn’t know even half of the data from devices
I am just getting into VM in Cybersecurity with Qualys. i have a couple questions that i'd appreciate answers to. How long do you think it will take me to finish the total VM course in order to get a job. also how long does it usually take to get a job as a VM? Anyone please and thanks.
I'll make a video about this, but I would say around 300 hours to develop a good Cybersecurity Base, and another 1-200 hours practicing vulnerability management. This answer requires a lot of explaining, but you can basically watch this video, but think about applying it to vulnerability management: ruclips.net/video/7PPsufbJHhU/видео.htmlsi=NTmqTw1vcE81ubcT
@@JoshMadakor thanks so much. I’ll get back to you when I’m done for job application procedures lolz. Appreciate 🙏🏾🙏🏾🙏🏾
If you have a non tech related bachelors degree (Psychology), do you recommend getting another bachelors degree from WGU in IT management or going straight to the masters degree in cybersecurity?
Hey! If you already have a degree, I actually strongly recommend you to get a couple certs, do some (a lot of) technical practice/labs, build your portfolio, and start applying. I'm not telling you to buy my course, but I've had MANY people with zero background get an entry-level job in like 2 months. Cyber takes a bit longer, but the principles still apply. I'd definitely check out these videos:
Do you really need a Bachelor's Degree: ruclips.net/video/qYoqn6owDeI/видео.html
Interview, Zero background to SOC Analyst: ruclips.net/video/bkdZcYVmPC8/видео.html
Hello ,
I have a bs in psychology and currently working in cyber. Started in help desk and worked my way up to cyber.
I would follow Josh instructions.
Get some certs and experience , after that apply to Georgia tech masters in cyber . I’m currently doing the policy concentration .
@@artur_tx thanks for the great advice!
@@JoshMadakor Sounds like a great plan. thank you!
Hey Josh the discount code isn't working anymore. Is there anyway you can update it? I'd love to get started with your course.
send me a message in my linkedin or IG ^^
Josh do you currently have a course on this ? Or in the future see you going to give us a course in vulnerability management ?
Going in depth hands on .
I'm curious. Would you say your course can help persons outside of the US get jobs? Ofcourse no guarantees expected.
My course can definitely help get a better understanding of things and have something nice on your resume and help with interview, but I really have no idea about requirements and stuff like this outside of the US :(
Thank you for creating this. I’ve been struggling to break ground and this reignited my passion. 🫵🏾 da man!
A bit off topic question if you don't mind,
I currently work in IT and been stuck between cloud and software engineering with some possible interest in AI for my future. I am considering a degree at WGU, but I am trying to decide between getting a BS/MS in IT as Ill have some of the CompTIA degrees by then and will have a faster return on investment or take the time to do the BS in computer science is that will be more versatile no matter what I want to do in tech. What are your thoughts?
Great informative video.
Hello Josh thank you for this. I’ve just completed a Course on Cybersecurity and I’m very interested in Vulnerability Management as my path. Do you have any idea the right resource that will give me full details and preparation to be an Entry Level Vulnerability Management Analyst? And also, how can i join your discord channel? I’d really appreciate your reply 🙏🏼
I have another video where I do a lab with Nesses. You could get the latest software from there and try to set it up and run some scans. I'm going to be creating a new community which will include vulnerability management course. It's not setup yet though :)
Is your course subscription based or lifetimes access? New viewer here
Thanks for watching! Lifetime access ^^
I want a vulnerability management job and have a CISSP and can’t get a job! Help!
Really? Even with a CISSP?
Hi sir, I wanted to ask if vulnerability management requires coding, and their is also the talk of pci dss paying a lot of money, does that also require coding too and what do u think is the highest cybersecurity paying job out there
I wouldn’t worry about it too much being that your writing skills are poor.
🔥
Thanks for watching!
Hi josh ,I rally like your content always checked your new blogs. But you talk to fast and difficulty to catch what you are talking about.
Third to comment :)
Lol thanks for commenting :(