SlideShare uma empresa Scribd logo
1 de 18
Baixar para ler offline
ALPINE SKI HOUSE
BERKARIR DI
CYBER SECURITY
Preparations, Activities, Challenges
Hi!
I am Satria Ady Pradana
◎ Cyber Security Consultant at Mitra Integrasi
Informatika
◎ Community Leader of Reversing.ID
◎ R&D Member of Indonesia Honeynet Project
◎ Researcher
xathrya
@xathrya
Reversing.ID
Revealing the Truth through Breaking Things
https://xathrya.id
ALPINE SKI HOUSE
Mengenali profesi
MENJADI
PROFESSIONAL
3
ALPINE SKI HOUSEALPINE SKI HOUSE
(CYBER) SECURITY PROFESSIONAL
• (n) Professional who is hired to keep online information of all sorts protected from
cyber attacks and other malevolent threats.
• In general, they do:
• Going through all the system to check for any type of potential issues.
• Putting proper security measures and establishing protocols.
• Spreading the word about security and its importance.
• Security is hot field in Indonesia.
• Rapidly growing in demand for qualified people.
4
ALPINE SKI HOUSEALPINE SKI HOUSE
CYBER SECURITY ISSUES IN INDONESIA
• Most activities are Jakarta-centric.
• Lack of Security Awareness of Multi Stakeholder
(government, private sector, academic, BUMN, etc)
• Lack of Professionals.
• We need more people.
5
ALPINE SKI HOUSEALPINE SKI HOUSE
EXPLORING THE JOBS (1)
6
Designing
Testing
Monitoring
Code / Program Infrastructure
ALPINE SKI HOUSE
EXPLORING THE JOBS (2)
• Penetration Tester
• Security Engineer
• SOC Engineer
• Forensic Investigator
• Security Auditor
…
• etc
7
ALPINE SKI HOUSEALPINE SKI HOUSE
EXPLORING THE JOBS (3)
8
Penetration Tester
Legally hacking into organization application, networks,
and system to discover vulnerabilities and potential
damage.
Security Engineer
Designing, building, and maintain IT security solutions.
SOC Engineer
Analyze and respond to security threats from various
security platform and technologies.
Forensic Investigator
Investigate the cause of incident, trace all illegal activities
on the case, and determine loss from the incident.
Compliance Auditor
Ensuring that an organization is adhering to any regulation
relevant to its business.
ALPINE SKI HOUSEALPINE SKI HOUSE
PREPARING AS PROFESSIONAL
• Skills
• Communication
• Attitude
9
ALPINE SKI HOUSEALPINE SKI HOUSE
CHOOSE YOUR FACTION
10
Offensive Red Team Defensive Blue Team
ALPINE SKI HOUSEALPINE SKI HOUSE
 Creating Your Own Virtual Lab
 Pentest Lab :
 VulnHub, DVWA, bWAPP,
 Cyber Defense Lab Blue Team
 Detection Lab, Blue Team Training Toolkit, APTSimulator
 Joining Online CTF Lab and Challenge Yourself
 Pentest Lab :
 HackTheBox, Pentestit.ru, Attack Defense Lab
 Cyber Defense Lab Blue Team
 Attack Defense Lab, SANS Forensic Challenge,
11
ALPINE SKI HOUSEALPINE SKI HOUSE
 Join Instant Messaging Community (Telegram / Whatsapp / Slack)
 Pentester ID (Telegram)
 ECHO (Telegram)
 Jasakom Perjuangan (Telegram)
 Cyber Army (Telegram)
 CDEF (Slack)
 IT Audit & Security (Telegram)
 Indonesia Honeynet Project (Telegram)
 Join the Bug Hunting Platform: Cyber Army, Red Storm, BugCrowd, HackerOne, Synack, dll
 Join the Discussion forum or related Facebook Group.
 Write and publish research as blog post, paper, article, etc.
 Attending Cyber Security Conference, Seminar, Workshop, Training.
12
ALPINE SKI HOUSEALPINE SKI HOUSE
REFERENCES
 Red Team :
 https://www.amanhardikar.com/mindmaps/Practice.html
 https://medium.com/mii-cybersec/improving-pentesting-skill-with-intentionally-vulnerable-apps-ece1cdf3dc63
 Blue Team :
 https://github.com/pe3zx/my-infosec-awesome#adversary-emulation
 https://www.amanhardikar.com/mindmaps/Forensics.html
13
ALPINE SKI HOUSEALPINE SKI HOUSE
CERTIFICATION
Should? Should not?
• Help employers evaluate potentials new hires.
• Recognition of competency.
General? Specialized?
Graduation diploma?
14
ALPINE SKI HOUSEALPINE SKI HOUSE
DAILY ACTIVITIES (AS PENETRATION TESTER)
• Find vulnerabilities
• Create Proof of Concept
• Write a report
• Present the result *
15
ALPINE SKI HOUSEALPINE SKI HOUSE
CHALLENGES (GENERAL)
• Must follow security trends, discoveries, and techniques.
• CVE
• Security Bulletin
• Security incidents
• Specialization.
• Simplify the problem so even non-technical people understand.
16
QUESTIONS?
xathrya@reversing.id
satria.Pradana@mii.co.id
ALPINE SKI HOUSE
THANK
YOU

Mais conteúdo relacionado

Mais procurados

Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
 
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE - ATT&CKcon
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonBen Boyd
 
Enfilade: Tool to Detect Infections in MongoDB Instances
Enfilade: Tool to Detect Infections in MongoDB InstancesEnfilade: Tool to Detect Infections in MongoDB Instances
Enfilade: Tool to Detect Infections in MongoDB InstancesAditya K Sood
 
Weaponizing OSINT – Hacker Halted 2019 – Michael James
 Weaponizing OSINT – Hacker Halted 2019 – Michael James  Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James EC-Council
 
Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques begmohsin
 
Guy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeGuy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeDevSecCon
 
Continuous Automated Red Teaming (CART) - Bikash Barai
Continuous Automated Red Teaming (CART) - Bikash BaraiContinuous Automated Red Teaming (CART) - Bikash Barai
Continuous Automated Red Teaming (CART) - Bikash BaraiAllanGray11
 
MITRE ATTACKcon Power Hour - October
MITRE ATTACKcon Power Hour - OctoberMITRE ATTACKcon Power Hour - October
MITRE ATTACKcon Power Hour - OctoberMITRE - ATT&CKcon
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeEC-Council
 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseAshwini Almad
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wireInfoSec Addicts
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsCybereason
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksEC-Council
 
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...EC-Council
 

Mais procurados (20)

Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
 
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
MITRE ATT&CKcon 2018: From Red VS Blue to Red ♥ Blue, Olaf Hartong and Vincen...
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
 
Path of Cyber Security
Path of Cyber SecurityPath of Cyber Security
Path of Cyber Security
 
Enfilade: Tool to Detect Infections in MongoDB Instances
Enfilade: Tool to Detect Infections in MongoDB InstancesEnfilade: Tool to Detect Infections in MongoDB Instances
Enfilade: Tool to Detect Infections in MongoDB Instances
 
Weaponizing OSINT – Hacker Halted 2019 – Michael James
 Weaponizing OSINT – Hacker Halted 2019 – Michael James  Weaponizing OSINT – Hacker Halted 2019 – Michael James
Weaponizing OSINT – Hacker Halted 2019 – Michael James
 
Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques Ethical Hacking Tools & Techniques
Ethical Hacking Tools & Techniques
 
Malware Analysis
Malware AnalysisMalware Analysis
Malware Analysis
 
Guy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node CodeGuy Podjarmy - Secure Node Code
Guy Podjarmy - Secure Node Code
 
Continuous Automated Red Teaming (CART) - Bikash Barai
Continuous Automated Red Teaming (CART) - Bikash BaraiContinuous Automated Red Teaming (CART) - Bikash Barai
Continuous Automated Red Teaming (CART) - Bikash Barai
 
MITRE ATTACKcon Power Hour - October
MITRE ATTACKcon Power Hour - OctoberMITRE ATTACKcon Power Hour - October
MITRE ATTACKcon Power Hour - October
 
Ethical Hacking Tools
Ethical Hacking ToolsEthical Hacking Tools
Ethical Hacking Tools
 
Understanding ransomware
Understanding ransomwareUnderstanding ransomware
Understanding ransomware
 
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle LeeHacking Diversity – Hacker Halted . 2019 – Marcelle Lee
Hacking Diversity – Hacker Halted . 2019 – Marcelle Lee
 
Extracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet NoiseExtracting the Malware Signal from Internet Noise
Extracting the Malware Signal from Internet Noise
 
Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wire
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the Basics
 
Defending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael BanksDefending Against 1,000,000 Cyber Attacks by Michael Banks
Defending Against 1,000,000 Cyber Attacks by Michael Banks
 
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
Finding the Sweet Spot: Counter Honeypot Operations (CHOps) by Jonathan Creek...
 
Ransomware ly
Ransomware lyRansomware ly
Ransomware ly
 

Semelhante a Berkarir di Cyber Security

Cyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITWCyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITWChanchalHiwanj1
 
Monitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionMonitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionCharles Lim
 
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Sean Whalen
 
Introduction to hacking
Introduction to hackingIntroduction to hacking
Introduction to hackingnitish mehta
 
Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...
Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...
Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...idsecconf
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeAPNIC
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
Peerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetPeerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetAbhinav Mishra
 
Reversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future RoadmapReversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future Roadmapsecurityxploded
 
AI in Cybersecurity | 2023
AI in Cybersecurity | 2023AI in Cybersecurity | 2023
AI in Cybersecurity | 2023KharimMchatta
 
IoT – Breaking Bad
IoT – Breaking BadIoT – Breaking Bad
IoT – Breaking BadNUS-ISS
 
The_Pentester_Blueprint.pdf
The_Pentester_Blueprint.pdfThe_Pentester_Blueprint.pdf
The_Pentester_Blueprint.pdfgcara4
 
cyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Sessioncyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World SessionYasserElsnbary
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant abnmi
 
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...APNIC
 
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdfmastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdfManiacH1
 

Semelhante a Berkarir di Cyber Security (20)

Cyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITWCyber Security Workshop GDSC-BITW
Cyber Security Workshop GDSC-BITW
 
Monitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusionMonitoring indonesia darknets - Revealing the unseen security intrusion
Monitoring indonesia darknets - Revealing the unseen security intrusion
 
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
 
Introduction to hacking
Introduction to hackingIntroduction to hacking
Introduction to hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...
Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...
Charles Lim - Sistem pemantauan ancaman serangan siber di indonesia generasi ...
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contribute
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
Darknet (ec)
Darknet (ec) Darknet (ec)
Darknet (ec)
 
Peerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetPeerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter Meet
 
Null who and_where (1)
Null who and_where (1)Null who and_where (1)
Null who and_where (1)
 
Reversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future RoadmapReversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future Roadmap
 
AI in Cybersecurity | 2023
AI in Cybersecurity | 2023AI in Cybersecurity | 2023
AI in Cybersecurity | 2023
 
IoT – Breaking Bad
IoT – Breaking BadIoT – Breaking Bad
IoT – Breaking Bad
 
So You Want to be a Hacker?
So You Want to be a Hacker?So You Want to be a Hacker?
So You Want to be a Hacker?
 
The_Pentester_Blueprint.pdf
The_Pentester_Blueprint.pdfThe_Pentester_Blueprint.pdf
The_Pentester_Blueprint.pdf
 
cyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Sessioncyber security | What Is Cyber Security | Hello World Session
cyber security | What Is Cyber Security | Hello World Session
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant
 
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
PITA Working Group Meeting on Cybersecurity: Empowering the community to enha...
 
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdfmastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
mastering-kali-linux-for-advanced-penetration-testing-book-look2linux-com.pdf
 

Mais de Satria Ady Pradana

MITM: Tales of Trust and Betrayal
MITM: Tales of Trust and BetrayalMITM: Tales of Trust and Betrayal
MITM: Tales of Trust and BetrayalSatria Ady Pradana
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstSatria Ady Pradana
 
Silabus Training Reverse Engineering
Silabus Training Reverse EngineeringSilabus Training Reverse Engineering
Silabus Training Reverse EngineeringSatria Ady Pradana
 
Practical Security - Modern Day Software
Practical Security - Modern Day SoftwarePractical Security - Modern Day Software
Practical Security - Modern Day SoftwareSatria Ady Pradana
 
Reverse Engineering: The Crash Course
Reverse Engineering: The Crash CourseReverse Engineering: The Crash Course
Reverse Engineering: The Crash CourseSatria Ady Pradana
 
The Offensive Python: Practical Python for Penetration Testing
The Offensive Python: Practical Python for Penetration TestingThe Offensive Python: Practical Python for Penetration Testing
The Offensive Python: Practical Python for Penetration TestingSatria Ady Pradana
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceSatria Ady Pradana
 
Android Security: Art of Exploitation
Android Security: Art of ExploitationAndroid Security: Art of Exploitation
Android Security: Art of ExploitationSatria Ady Pradana
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with FridaSatria Ady Pradana
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Satria Ady Pradana
 
Reverse Engineering: Protecting and Breaking the Software (Workshop)
Reverse Engineering: Protecting and Breaking the Software (Workshop)Reverse Engineering: Protecting and Breaking the Software (Workshop)
Reverse Engineering: Protecting and Breaking the Software (Workshop)Satria Ady Pradana
 
Reverse Engineering: Protecting and Breaking the Software
Reverse Engineering: Protecting and Breaking the SoftwareReverse Engineering: Protecting and Breaking the Software
Reverse Engineering: Protecting and Breaking the SoftwareSatria Ady Pradana
 
Memory Forensic: Investigating Memory Artefact (Workshop)
Memory Forensic: Investigating Memory Artefact (Workshop)Memory Forensic: Investigating Memory Artefact (Workshop)
Memory Forensic: Investigating Memory Artefact (Workshop)Satria Ady Pradana
 
Memory Forensic: Investigating Memory Artefact
Memory Forensic: Investigating Memory ArtefactMemory Forensic: Investigating Memory Artefact
Memory Forensic: Investigating Memory ArtefactSatria Ady Pradana
 
Automatic Malware Analysis & Repository
Automatic Malware Analysis & RepositoryAutomatic Malware Analysis & Repository
Automatic Malware Analysis & RepositorySatria Ady Pradana
 

Mais de Satria Ady Pradana (20)

Malware for Red Team
Malware for Red TeamMalware for Red Team
Malware for Red Team
 
MITM: Tales of Trust and Betrayal
MITM: Tales of Trust and BetrayalMITM: Tales of Trust and Betrayal
MITM: Tales of Trust and Betrayal
 
IOT Security FUN-damental
IOT Security FUN-damentalIOT Security FUN-damental
IOT Security FUN-damental
 
IoT Security - Preparing for the Worst
IoT Security - Preparing for the WorstIoT Security - Preparing for the Worst
IoT Security - Preparing for the Worst
 
Silabus Training Reverse Engineering
Silabus Training Reverse EngineeringSilabus Training Reverse Engineering
Silabus Training Reverse Engineering
 
Practical Security - Modern Day Software
Practical Security - Modern Day SoftwarePractical Security - Modern Day Software
Practical Security - Modern Day Software
 
Firmware Reverse Engineering
Firmware Reverse EngineeringFirmware Reverse Engineering
Firmware Reverse Engineering
 
Reverse Engineering: The Crash Course
Reverse Engineering: The Crash CourseReverse Engineering: The Crash Course
Reverse Engineering: The Crash Course
 
The Offensive Python: Practical Python for Penetration Testing
The Offensive Python: Practical Python for Penetration TestingThe Offensive Python: Practical Python for Penetration Testing
The Offensive Python: Practical Python for Penetration Testing
 
From Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in EssenceFrom Reversing to Exploitation: Android Application Security in Essence
From Reversing to Exploitation: Android Application Security in Essence
 
Android Security: Art of Exploitation
Android Security: Art of ExploitationAndroid Security: Art of Exploitation
Android Security: Art of Exploitation
 
Bypass Security Checking with Frida
Bypass Security Checking with FridaBypass Security Checking with Frida
Bypass Security Checking with Frida
 
Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)Malware: To The Realm of Malicious Code (Training)
Malware: To The Realm of Malicious Code (Training)
 
Reverse Engineering: Protecting and Breaking the Software (Workshop)
Reverse Engineering: Protecting and Breaking the Software (Workshop)Reverse Engineering: Protecting and Breaking the Software (Workshop)
Reverse Engineering: Protecting and Breaking the Software (Workshop)
 
Reverse Engineering: Protecting and Breaking the Software
Reverse Engineering: Protecting and Breaking the SoftwareReverse Engineering: Protecting and Breaking the Software
Reverse Engineering: Protecting and Breaking the Software
 
Memory Forensic: Investigating Memory Artefact (Workshop)
Memory Forensic: Investigating Memory Artefact (Workshop)Memory Forensic: Investigating Memory Artefact (Workshop)
Memory Forensic: Investigating Memory Artefact (Workshop)
 
Memory Forensic: Investigating Memory Artefact
Memory Forensic: Investigating Memory ArtefactMemory Forensic: Investigating Memory Artefact
Memory Forensic: Investigating Memory Artefact
 
Another Side of Hacking
Another Side of HackingAnother Side of Hacking
Another Side of Hacking
 
Automatic Malware Analysis & Repository
Automatic Malware Analysis & RepositoryAutomatic Malware Analysis & Repository
Automatic Malware Analysis & Repository
 
Web Security Jumpstart
Web Security JumpstartWeb Security Jumpstart
Web Security Jumpstart
 

Último

Chapter-4 Introduction to Global Distributions System and Computerized Reserv...
Chapter-4 Introduction to Global Distributions System and Computerized Reserv...Chapter-4 Introduction to Global Distributions System and Computerized Reserv...
Chapter-4 Introduction to Global Distributions System and Computerized Reserv...Md Shaifullar Rabbi
 
How to Host a Successful Webinar for Success?
How to Host a Successful Webinar for Success?How to Host a Successful Webinar for Success?
How to Host a Successful Webinar for Success?StrengthsTheatre
 
Audhina Nur Afifah Resume & Portofolio_2024.pdf
Audhina Nur Afifah Resume & Portofolio_2024.pdfAudhina Nur Afifah Resume & Portofolio_2024.pdf
Audhina Nur Afifah Resume & Portofolio_2024.pdfaudhinafh1
 
reStartEvents March 28th TS/SCI & Above Employer Directory.pdf
reStartEvents March 28th TS/SCI & Above Employer Directory.pdfreStartEvents March 28th TS/SCI & Above Employer Directory.pdf
reStartEvents March 28th TS/SCI & Above Employer Directory.pdfKen Fuller
 
wealth_spend_bharatpeVerse_Analysis .pptx
wealth_spend_bharatpeVerse_Analysis .pptxwealth_spend_bharatpeVerse_Analysis .pptx
wealth_spend_bharatpeVerse_Analysis .pptxAnuragBhakuni4
 
Fireman Resume Strikuingly Text............................
Fireman Resume Strikuingly Text............................Fireman Resume Strikuingly Text............................
Fireman Resume Strikuingly Text............................calvinjamesmappala
 
STORY OF SUSAN & JUDY - CEREBRAL PALSY.pptx
STORY OF SUSAN & JUDY - CEREBRAL PALSY.pptxSTORY OF SUSAN & JUDY - CEREBRAL PALSY.pptx
STORY OF SUSAN & JUDY - CEREBRAL PALSY.pptxsheenam bansal
 
ASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJF
ASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJFASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJF
ASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJFJulia Kaye
 
kids gpaddfghtggvgghhhuuuuuhhhgggggy.pptx
kids gpaddfghtggvgghhhuuuuuhhhgggggy.pptxkids gpaddfghtggvgghhhuuuuuhhhgggggy.pptx
kids gpaddfghtggvgghhhuuuuuhhhgggggy.pptxJagrutiSononee
 
asdfasdiofujasloidfoia nslkflsdkaf jljffs
asdfasdiofujasloidfoia nslkflsdkaf jljffsasdfasdiofujasloidfoia nslkflsdkaf jljffs
asdfasdiofujasloidfoia nslkflsdkaf jljffsJulia Kaye
 
FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...
FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...
FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...FaHaD .H. NooR
 
Chapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, Conventions
Chapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, ConventionsChapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, Conventions
Chapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, ConventionsMd Shaifullar Rabbi
 
Blockchain_TezosDeveloperCommunitySNSCE.pdf
Blockchain_TezosDeveloperCommunitySNSCE.pdfBlockchain_TezosDeveloperCommunitySNSCE.pdf
Blockchain_TezosDeveloperCommunitySNSCE.pdfVISHNURAJSSNSCEAD
 
127. Reviewer Certificate in BP International
127. Reviewer Certificate in BP International127. Reviewer Certificate in BP International
127. Reviewer Certificate in BP InternationalManu Mitra
 
Moaaz Hassan El-Shayeb - Projects Portfolio
Moaaz Hassan El-Shayeb - Projects PortfolioMoaaz Hassan El-Shayeb - Projects Portfolio
Moaaz Hassan El-Shayeb - Projects Portfoliomoaaz el-shayeb
 
10 Things That Will Shape the Future of Education.pdf
10 Things That Will Shape the Future of Education.pdf10 Things That Will Shape the Future of Education.pdf
10 Things That Will Shape the Future of Education.pdfEducationView
 
Nashon Holloway - Media/Press Kit - Priv
Nashon Holloway - Media/Press Kit - PrivNashon Holloway - Media/Press Kit - Priv
Nashon Holloway - Media/Press Kit - PrivNashonHolloway
 

Último (17)

Chapter-4 Introduction to Global Distributions System and Computerized Reserv...
Chapter-4 Introduction to Global Distributions System and Computerized Reserv...Chapter-4 Introduction to Global Distributions System and Computerized Reserv...
Chapter-4 Introduction to Global Distributions System and Computerized Reserv...
 
How to Host a Successful Webinar for Success?
How to Host a Successful Webinar for Success?How to Host a Successful Webinar for Success?
How to Host a Successful Webinar for Success?
 
Audhina Nur Afifah Resume & Portofolio_2024.pdf
Audhina Nur Afifah Resume & Portofolio_2024.pdfAudhina Nur Afifah Resume & Portofolio_2024.pdf
Audhina Nur Afifah Resume & Portofolio_2024.pdf
 
reStartEvents March 28th TS/SCI & Above Employer Directory.pdf
reStartEvents March 28th TS/SCI & Above Employer Directory.pdfreStartEvents March 28th TS/SCI & Above Employer Directory.pdf
reStartEvents March 28th TS/SCI & Above Employer Directory.pdf
 
wealth_spend_bharatpeVerse_Analysis .pptx
wealth_spend_bharatpeVerse_Analysis .pptxwealth_spend_bharatpeVerse_Analysis .pptx
wealth_spend_bharatpeVerse_Analysis .pptx
 
Fireman Resume Strikuingly Text............................
Fireman Resume Strikuingly Text............................Fireman Resume Strikuingly Text............................
Fireman Resume Strikuingly Text............................
 
STORY OF SUSAN & JUDY - CEREBRAL PALSY.pptx
STORY OF SUSAN & JUDY - CEREBRAL PALSY.pptxSTORY OF SUSAN & JUDY - CEREBRAL PALSY.pptx
STORY OF SUSAN & JUDY - CEREBRAL PALSY.pptx
 
ASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJF
ASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJFASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJF
ASDFSDFASDFASDFASDFOUIASHDFOIASUD FOIJSADO;IFJOISADJF
 
kids gpaddfghtggvgghhhuuuuuhhhgggggy.pptx
kids gpaddfghtggvgghhhuuuuuhhhgggggy.pptxkids gpaddfghtggvgghhhuuuuuhhhgggggy.pptx
kids gpaddfghtggvgghhhuuuuuhhhgggggy.pptx
 
asdfasdiofujasloidfoia nslkflsdkaf jljffs
asdfasdiofujasloidfoia nslkflsdkaf jljffsasdfasdiofujasloidfoia nslkflsdkaf jljffs
asdfasdiofujasloidfoia nslkflsdkaf jljffs
 
FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...
FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...
FAHAD HASSAN NOOR || UCP Business School Data Analytics Head Recommended | MB...
 
Chapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, Conventions
Chapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, ConventionsChapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, Conventions
Chapter-1 IATA, UFTAA, ICAO, FAA, CAA, ATAB, Conventions
 
Blockchain_TezosDeveloperCommunitySNSCE.pdf
Blockchain_TezosDeveloperCommunitySNSCE.pdfBlockchain_TezosDeveloperCommunitySNSCE.pdf
Blockchain_TezosDeveloperCommunitySNSCE.pdf
 
127. Reviewer Certificate in BP International
127. Reviewer Certificate in BP International127. Reviewer Certificate in BP International
127. Reviewer Certificate in BP International
 
Moaaz Hassan El-Shayeb - Projects Portfolio
Moaaz Hassan El-Shayeb - Projects PortfolioMoaaz Hassan El-Shayeb - Projects Portfolio
Moaaz Hassan El-Shayeb - Projects Portfolio
 
10 Things That Will Shape the Future of Education.pdf
10 Things That Will Shape the Future of Education.pdf10 Things That Will Shape the Future of Education.pdf
10 Things That Will Shape the Future of Education.pdf
 
Nashon Holloway - Media/Press Kit - Priv
Nashon Holloway - Media/Press Kit - PrivNashon Holloway - Media/Press Kit - Priv
Nashon Holloway - Media/Press Kit - Priv
 

Berkarir di Cyber Security

  • 1. ALPINE SKI HOUSE BERKARIR DI CYBER SECURITY Preparations, Activities, Challenges
  • 2. Hi! I am Satria Ady Pradana ◎ Cyber Security Consultant at Mitra Integrasi Informatika ◎ Community Leader of Reversing.ID ◎ R&D Member of Indonesia Honeynet Project ◎ Researcher xathrya @xathrya Reversing.ID Revealing the Truth through Breaking Things https://xathrya.id
  • 3. ALPINE SKI HOUSE Mengenali profesi MENJADI PROFESSIONAL 3
  • 4. ALPINE SKI HOUSEALPINE SKI HOUSE (CYBER) SECURITY PROFESSIONAL • (n) Professional who is hired to keep online information of all sorts protected from cyber attacks and other malevolent threats. • In general, they do: • Going through all the system to check for any type of potential issues. • Putting proper security measures and establishing protocols. • Spreading the word about security and its importance. • Security is hot field in Indonesia. • Rapidly growing in demand for qualified people. 4
  • 5. ALPINE SKI HOUSEALPINE SKI HOUSE CYBER SECURITY ISSUES IN INDONESIA • Most activities are Jakarta-centric. • Lack of Security Awareness of Multi Stakeholder (government, private sector, academic, BUMN, etc) • Lack of Professionals. • We need more people. 5
  • 6. ALPINE SKI HOUSEALPINE SKI HOUSE EXPLORING THE JOBS (1) 6 Designing Testing Monitoring Code / Program Infrastructure
  • 7. ALPINE SKI HOUSE EXPLORING THE JOBS (2) • Penetration Tester • Security Engineer • SOC Engineer • Forensic Investigator • Security Auditor … • etc 7
  • 8. ALPINE SKI HOUSEALPINE SKI HOUSE EXPLORING THE JOBS (3) 8 Penetration Tester Legally hacking into organization application, networks, and system to discover vulnerabilities and potential damage. Security Engineer Designing, building, and maintain IT security solutions. SOC Engineer Analyze and respond to security threats from various security platform and technologies. Forensic Investigator Investigate the cause of incident, trace all illegal activities on the case, and determine loss from the incident. Compliance Auditor Ensuring that an organization is adhering to any regulation relevant to its business.
  • 9. ALPINE SKI HOUSEALPINE SKI HOUSE PREPARING AS PROFESSIONAL • Skills • Communication • Attitude 9
  • 10. ALPINE SKI HOUSEALPINE SKI HOUSE CHOOSE YOUR FACTION 10 Offensive Red Team Defensive Blue Team
  • 11. ALPINE SKI HOUSEALPINE SKI HOUSE  Creating Your Own Virtual Lab  Pentest Lab :  VulnHub, DVWA, bWAPP,  Cyber Defense Lab Blue Team  Detection Lab, Blue Team Training Toolkit, APTSimulator  Joining Online CTF Lab and Challenge Yourself  Pentest Lab :  HackTheBox, Pentestit.ru, Attack Defense Lab  Cyber Defense Lab Blue Team  Attack Defense Lab, SANS Forensic Challenge, 11
  • 12. ALPINE SKI HOUSEALPINE SKI HOUSE  Join Instant Messaging Community (Telegram / Whatsapp / Slack)  Pentester ID (Telegram)  ECHO (Telegram)  Jasakom Perjuangan (Telegram)  Cyber Army (Telegram)  CDEF (Slack)  IT Audit & Security (Telegram)  Indonesia Honeynet Project (Telegram)  Join the Bug Hunting Platform: Cyber Army, Red Storm, BugCrowd, HackerOne, Synack, dll  Join the Discussion forum or related Facebook Group.  Write and publish research as blog post, paper, article, etc.  Attending Cyber Security Conference, Seminar, Workshop, Training. 12
  • 13. ALPINE SKI HOUSEALPINE SKI HOUSE REFERENCES  Red Team :  https://www.amanhardikar.com/mindmaps/Practice.html  https://medium.com/mii-cybersec/improving-pentesting-skill-with-intentionally-vulnerable-apps-ece1cdf3dc63  Blue Team :  https://github.com/pe3zx/my-infosec-awesome#adversary-emulation  https://www.amanhardikar.com/mindmaps/Forensics.html 13
  • 14. ALPINE SKI HOUSEALPINE SKI HOUSE CERTIFICATION Should? Should not? • Help employers evaluate potentials new hires. • Recognition of competency. General? Specialized? Graduation diploma? 14
  • 15. ALPINE SKI HOUSEALPINE SKI HOUSE DAILY ACTIVITIES (AS PENETRATION TESTER) • Find vulnerabilities • Create Proof of Concept • Write a report • Present the result * 15
  • 16. ALPINE SKI HOUSEALPINE SKI HOUSE CHALLENGES (GENERAL) • Must follow security trends, discoveries, and techniques. • CVE • Security Bulletin • Security incidents • Specialization. • Simplify the problem so even non-technical people understand. 16

Notas do Editor

  1. © Copyright Showeet.com – Free PowerPoint Templates
  2. © Copyright Showeet.com – Free PowerPoint Templates