What are
/r/SecurityCareerAdvice's
favorite Products & Services?
From 3.5 billion Reddit comments
The most popular Products mentioned in /r/SecurityCareerAdvice:
The most popular Services mentioned in /r/SecurityCareerAdvice:
Cybrary
Splunk
SlideShare
GitLab
pfSense
The most popular reviews in /r/SecurityCareerAdvice:
Money is better spent on buying Daryl Gibson's Security+ book. https://www.amazon.com/CompTIA-Security-Get-Certified-Ahead/dp/1939136059/ref=sr_1_1?ie=UTF8&qid=1548305275&sr=8-1&keywords=daryl+gibson+security%2B
$31. When I took my exam, EVERYTHING was in this book. I usually suggest multiple sources for study, but with this, that book was the only one I needed. I did use other ones (worry wort myself), but that book had it all when looking in hindsight. I really can't recommend that book enough. Dumps? I'll always pass on those. If you know the material, you'll be fine. Practice exams question if you know the material, but they may not be like the actual exam itself.
The fewer materials the better. What got myself and three others to pass was:
- CISSP All-in-One by Shon Harris https://www.amazon.com/CISSP-All-One-Exam-Guide/dp/0071781749
- The testing engine hosted by the publisher of #1
- The test method in: https://youtu.be/wod92WIn92E
Hope this helps!
This book was recommended recently its pretty good. Tanya Janca knows her stuff but has an amazing knack of breaking things down.
https://www.amazon.co.uk/Alice-Bob-Learn-Application-Security/dp/1119687357
The internet is your friend! There is a really cool website dedicated for cyber security training and it’s all free!
https://www.cybrary.it/video/introduction-to-gdpr/
You can also find here about other regulations that I mentioned above as well if you are really interested in other topics in security like pentesting and again all free and really good instructors!
Vulnerable Azure instances as in a full-scale Azure environment, or just vulnerable VMs?
If the former, I don't think anyone has put together something like that. Best bet would be to register for an M365 Developer License and setup the environment with the specific resources you'd like to test yourself.
I'd recommend reading Pentesting Azure Applications as well.
This is 100% correct.
I strongly recommend anyone with even a tangential interest in security watch the first module in The Great Kelly Handerhan's amazing free CISSP course. It's all about risk management, cost-benefit analysis, policy definition, etc. She walks you through how to quantify how much that switch saves the company (hint: you have to know the value of the assets its protecting, the damage caused by a breach, and how many breaches) and how to determine if it is something the bosses will actually give a damn about or if they'll just accept the risk.
Here is some good splunk info I still use as a reference. Good tricks, teach you some advance queries and give you some ideas to go hunting.
https://www.splunk.com/blog/2017/07/06/hunting-with-splunk-the-basics.html
You mean this?
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. https://www.amazon.com/dp/1500734756/ref=cm_sw_r_cp_api_glc_fabc_GXK6FbGNGBBSF?_encoding=UTF8&psc=1
Aware of that, but do you think the book might be useful as a reference? I wasn't sure, but I thought this is what that poster was referring to. https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119475937/ref=sr_1_4?dchild=1&keywords=sybex+cissp&qid=1596763327&s=books&sr=1-4