I think this the push I needed to actually do this! I've been thinking about doing it. Sucks when you know you can do the work but the fact that you don't have experience means you're nothing in the job market.
People like you get ahead of honest applicants, who chose not to lie. The fact that you have no regrets shows that you're lacking in sense or conscience.
Sadly that's what we all have to do to get started. I have been rejected many times for being honest and only when I decided that I am gonna lie about my experience I managed to get a job. Nobody cares about giving you the chance if you have no expereince.
Really great advice! This type of self-initiated planning for any job is a must for young and/or inexperienced people in today’s world arena. You show some great examples of how to do this and I am sure there are people who will become happy, successful, employed or self-employed workers due to your advice! Thank you!
You could use the first project as a SOC analyst project. Install the Elastic Stack. Configure Logstash to Process Honeypot Logs. Configure Kibana to Visualize the Data.
I love some of the ideas discussed but why is actual web application testing (QA) never discussed? Speaking from experience, there's a far greater set of skills gained from learning testing fundamentals over web dev.
This is a great video but I want to know where to start. I understand this video is general but say I don’t know how to setup/make a web app. Where would I look to start? What sources would be good to look into or repos to clone?
Some good ones would be setting up a virtual lab environment to simulate a SOC. And in that lab, deploy a SIEM (Splunk or the ELK Stack / Elasticsearch, Logstash, Kibana). Another option is Security Onion or Wazuh. There is a good series by HackerSploit on setting up Wazuh as a SIEM (ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-Hq58_yGJwHk.html).A SIEM project like that would go a long way. Another project idea would be to deploy a PFSense firewall (www.pfsense.org/download) to learn how they work and how to create firewall rules. It also has built-in integrations with the Snort IDS/IPS. Also on the network side, even just deploying Snort or Suricata can be really beneficial in learning how an IPS or IDS works, and we actually cover this in the upcoming SOC 101 course. Other project ideas: To get EDR experience - look into LimaCharlie For event logging and log analysis, look into installing and configuring Sysmon or using DeepBlueCLI The best advice for doing any of these projects, is to document it somewhere. Even if it's just a blog post, or a README on GitHub. Something to document the steps you took, what your objective/goal was, any issues you ran into along the way (and how you solved them), and what you learned by completing the project.
Hey! We're going to update this video for 2024, but this still has some solid pointers. ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-4JZjj_H4ei4.html
Are you in our Discord server? Sometimes people share jobs there - would recommend checking it out! Here's a link to the server: discord.com/invite/tcm
