As network security is listed as part of the national security strategy, the development of this subdivided field has accelerated a lot. In addition to some traditional security vendors, some major Internet companies have also increased their investment in this area. Those who came attracted more and more fresh blood.
Unlike Java, C/C++ and other back-end development positions that have a very clear learning route, network security is more to be explored by oneself, and there are many things to learn, which is difficult to form a system.
Network Security Branch
In fact, on top of the concept of network security, there is a bigger concept: information security.
The jobs mainly include the following
Network Security Engineer
Information Security Engineer
Risk Assessment Engineer
Emergency Response Engineer
oSystem integration engineer
Guarantee test engineer
Security operation and maintenance engineer
Big Data Security Engineer
security researcher
Penetration Test Engineer
Code Audit Engineer
Security R&D
There are two main categories of R&D posts in the security industry:
R&D positions that have little to do with the security business
R&D positions closely related to security business
You can understand network security as the e-commerce industry, education industry and other industries. Every industry has its own software research and development, and network security is no exception as an industry. The difference is that the research and development of this industry is the development and network security business. related software.
That being the case, there are common jobs in other industries in the security industry, such as front-end, back-end, big data analysis, etc., which belong to the first category above and have little to do with security business. Here we focus on the second type of R&D positions closely related to security business.
This category can be further divided into two subtypes:
Do security product development, do defense
Do security tool development, attack
The products to be developed by the security industry mainly (but not limited to) include the following:
Firewall, IDS, IPS
WAF (Web Application Firewall)
database gateway
NTA (Network Traffic Analysis)
SIEM (Security Event Analysis Center, Situational Awareness)
Big Data Security Analysis
EDR (Security Software on End Devices)
DLP (Data Leakage Prevention)
antivirus software
Security Detection Sandbox
The technologies used to develop these products are mainly three technology stacks of C/C++, Java, and Python, and there are also a small number of GoLang and Rust.
Compared with the other two directions, security R&D positions have lower requirements for network security technology (only relatively, the R&D of some products does not have low requirements for security skills), and I have even seen many R&D companies that have nothing to do with security. Know.
In this case, if you have an understanding of network security technology in addition to basic development skills, it will naturally be a bonus item when you interview for these positions.
For security R&D positions, in addition to the requirements for general development skills, you can focus on the following technologies:
The above list is only the most directly relevant part, and you need to know more security technologies to develop products better, continue to look down.
binary security
Binary security direction, which is one of the two major technical directions in the security field.
This direction mainly involves software vulnerability mining, reverse engineering, virus and Trojan horse analysis, etc., and involves operating system kernel analysis, debugging and anti-debugging, anti-virus and other technologies.
Because we often deal with binary data, binary security is used to collectively refer to this direction over time.
The characteristic of this direction is: need to endure loneliness.
It’s not as good as security research and development, which can have real product output, and it’s not as cool as the direction of network penetration. This direction spends more time in silent analysis and research.
Taking vulnerability mining as an example, it takes a lot of time just to learn various attack techniques. In this field, it may take months or even years to study a problem, which is definitely not something that ordinary people can persist. Not only that, success is not achieved through hard work, but more on talent.
If you still have the courage to enter this field after reading these, then the following things you need to learn:
Compared with security research and development, this direction is not only more technically difficult, but there are few companies that provide these positions, and they are basically distributed in several first-tier cities in Beijing, Shanghai, Guangzhou and Shenzhen.
network penetration
This direction is more in line with most people's perception of "hackers". They can hack mobile phones, computers, websites, servers, and intranets, and everything can be hacked.
Compared with the direction of binary security, this direction is easier to get started in the early stage. After mastering some basic technologies, you can hack with various ready-made tools.
However, if you want to change from a script boy to a master hacker, the further you go in this direction, the more things you need to learn and master:
The direction of network penetration is more inclined to "practical combat", so there are higher requirements for the breadth of technology, from network hardware devices, network communication protocols, network services (web, email, files, databases, etc.), to operating systems, attack Methods and so on need to know. I am more inclined to be an all-round computer expert, who can integrate various technologies for "actual combat".
The work in the direction of network penetration has the following directions:
Security service, commonly known as Party B, is the most important direction, providing security capability support for Party A's company, such as penetration testing, product security testing, etc.
Security capacity building, commonly known as Party A, domestic companies with a small scale have their own SRC (Security Emergency Response Center), that is, their own security team.
National team: you know
learning route
After talking about the three major technical directions above, let’s talk about how to get started? Let me talk about my opinion below.
First of all, don't try to divide the direction, lay the foundation first! You can refer to the following learning route (high-definition expandable brain map moves to the end of the article)
The first step in getting started is to systematically learn basic computer knowledge, that is, to learn basic knowledge modules: operating system, protocol/network, database, development language, and common vulnerability principles. After learning the basics, it's time to practice.
Then it enters the penetration stage:
- Penetration and Defense of SQL Injection
- XSS related penetration and defense
- Upload Verification Penetration and Defense
- File contains Penetration and Defense
- CSRF penetration and defense
- SSRF penetration and defense
- XXE penetration and defense
- Remote Code Execution Penetration and Defense
- Deserialization Penetration and Defense
- logic loophole
- Violent dismantling and defense
- Redis Unauthorized Access Vulnerability
- AWS Vulnerability Scanning
- Appscan vulnerability scan
- Nessus vulnerability scan
- MSF-Metasploit Framework
- social engineering
- APP Penetration and Prevention
- System Privilege Escalation Penetration and Defense
- DOS and DDOS Penetration and Defense
- Intranet-related penetration and defense
- Wireless Security Related Penetration and Defense
- Trojan horse avoidance problem and defense
- Vulnhub shooting range combat series
- Kali Advanced Penetration Testing
Master the principles, usage and defense of common vulnerabilities.
In the web penetration stage, you still need to master some necessary tools.
The main tools and platforms to master:
- burp
- AWVS
- Appscan
- Nessus
- sqlmap
- nmap
- shodan
- fly away
Proxy tools:
- ssrs
- hydra
- honey
- Airspoof
The practice of the above tools can be practiced using the above open source shooting range, which is enough.
The above can be learned in three to four months, and then you can learn security services:
- risk assessment
- Class protection
- Security Advisory
- Interpretation of Safety Laws and Regulations
- You can also learn CTF technology.
After about three months of earnestly studying the knowledge summarized above, you can definitely get started and reach the primary employment level of the enterprise. It is not a big problem, at least you can be a basic network security engineer, but if you want higher salary and better treatment You have to learn endlessly.
From the perspective of the development of the times, the knowledge of network security is endless, and there will be more to learn in the future. Students must correct their attitudes. Since they choose to get started in network security, it is not just the level of entry, the stronger the ability The more opportunities there are.
Because the knowledge points at the introductory learning stage are relatively complicated, the above is relatively general. If you need relevant information, you can also ask me for it. I have also compiled a super complete information note here. If there is anything you don’t understand, you can ask me for advice. If you want to enter the industry and become an industry leader, welcome to contact me. I promise to know everything and talk about it.
study method
The above introduces the technical classification and learning route, here to talk about the learning method
Reading and learning , this is the most basic
Hands-on , the development route needs to write more codes, read excellent open source codes, analyze more samples in the binary route, write EXP, etc., use more website practice for penetration testing (legal method), etc.
Play CTF , participate in some network security competitions, and exercise your hands-on ability in an environment close to actual combat
Mix circles , mix more communities, communities, and forums that are haunted by security experts, master industry information, and understand the latest technology trends
The full version of the online security learning materials above has been uploaded. If you need it, you can scan the QR code of the CSDN official certification below on WeChat to get it for free [guaranteed 100% free]
