Thank you for watching, I'm glad to hear it's somewhat helpful! Definitely adding that to the upcoming video ideas, there's a lot I would do differently going back. Awesome idea! 💚

@@madhatistaken HELL YEAH, I DID AN IRL FIST PUMP WHEN I READ THIS. I honestly don't know where it even came from, I never do that.

@@bigbojangles4585 😅 I hope it's worthy of your excitement. I'll try to provide some good info in it 💚

Well freaking said

😎

I'm glad to hear it was helpful! I'll keep trying to provide informational and somewhat humorous security content, thank you for watching! 💚

Thank you for watching! 💚 Keep keepin on with the learning! I'm learning tons daily 😅

I shall make awkward update videos as I progress through! 😅 Thank you for watching! 💚

Thank you for the kind words of support! I'll keep trying to make helpful stuff that is edu-taining. 🫡💚 Hope the Google cert was helpful!

Thank you! I'm tryin 😅💚

I'm not an expert, but I've been told confidence goes a long way. I don't like to think I'm smarter than others, but the old adage "if you're the smartest person in the room, you're in the wrong room" comes to mind. I'm just trying to learn and feel like my learning curve in my current position is coming to a plateau, I find myself frustrated when I ask my fellow junior analysts questions only to get information I've already pointed out 😕 and I'm not blunt enough to say "I already knew that" and so I will listen as they explain for a few minutes. I know you're probably just as qualified (probably more) to do this job, but I hope I can at least be entertaining 😅

Fluff up your resume with buzz words for sure! I'm suspicious with my last batch of applications. Thinking there's a lot of automation involved and just pumping applications through a bot 😅Let us know if you land some solid interviews!

Thank you for watchin'!💚

💚

Me too!🤞🤞🤞 Maybe I'll get the Facebook job and spill all the security secret sauce and beans to all y'all 😅

I mean, how do you go to investigate a specific alert, how do you assume if something is malicious /suspicious or not. I work as soc level 1 and the impostor syndrome hits me hard

@@vinyldown8490 I treat every alert as guilty until proven innocent 😅 Regardless of where the alerts is generated (SIEM, EDR, etc.) I check what conditions were met in the alert to cause it to fire. Was it a process, installation, cmd line, etc. I treat installations with more scrutiny and have to dig up where the installation came from, what is normal file paths for the installation, who is installing and why would they need it, file hashes, check for process injections, potentially side loaded dlls. I just run through the surrounding processes to see if there is anything out of the ordinary. Sometimes it's just checking all the artifacts and activity and just knowing that all of it as a whole is benign. If I'm not sure on something I'll ask other analysts to check over what I've found so far. If I'm still not sure I'll reach out/escalate to senior analysts. My boss said it just takes time for you to get better at understanding and identifying what is suspicious/malicious in OUR environment and that every organization is different.

Maybe I can make a triaging 101 video where I go through a few alerts at once and then let people guess what's malicious and not before moving on in the video 🤔It's unfortunate how many false positives there are because it gives you a false sense of security 😅

@@madhatistaken thanks this is great. Two things, 1st how many alerts do you have each day. In my previous job I has 15 a day and I could do that. In the Qradar I am right now, we have 200qradar offences per day, and all of that would be impossible. ( tuning is almost an unknown word in the organization I am in right now)

@vinyldown8490 I'm definitely on the 20 alert end like your previous position. If you're expected to bust through that many alerts then I imagine understanding baseline is even more important so you can make quicker decisions. Our security department used to have thousands of alerts daily and 30 security analysts before it was overhauled with different security tools, tuned, and the IR team brought down to roughly 10. Funny enough our SIEM used to be Qradar, but my bosses didn't like it 😅 If you're handling primarily SIEM alerts then checking the user field, URLs, IPs, and a few other artifacts might be good places to check for baseline normal behavior.

💚

💚

Our company doesn't have a baseline, I'm not sure most would as that would be difficult to create and upkeep. The threat rules have suppressions and false positives in the coding notes which does provide some insight to baseline behavior, however most alerts are more one of a kind where I have to use a combination of previous knowledge on what is normal behavior from operating system process and programs AND a lot of figuring it out as I go along. Since there's so much available old/new software that I've never heard of. I often have to research the reputation and weigh the business use case to determine whether or not an uncommonly used program should be allowed to remain installed on an endpoint.

If you’re just breaking in, I’d honestly recommend doing the google IT support and the Google cyber security cert. those certs won’t land you a job by themselves, but the info they provide with a beginner friendly presentation, it’s great 👍🏽

Coding isn't really require unless you are a cybersecurity engineer. Cybersecurity analysts have many premade tools for doing what they need, but can also write their own scripts to do specific things they need.

If you're not getting any interviews your resume might need tweaking and/or you might need to apply to more jobs. I applied to over 1000 and only heard back from 15 or so and only got recruiter interviews over the phone from about 6 or so. Have you researched resume tips? Do you have any projects, home labs, achievements in hacking sites, CTFs etc listed on it? Hard to say without looking at your resume if it's OK and you just need to apply to more but I'd say you're more than qualified to be landing some interviews.

Not sure how the secrecy of the vendor provided software is concerning in this particular position. A lot to unpack there. If you're quoting to argue the tools aren't worth learning (I think that's what you're implying), knowing how they function fundamentally still helps in understanding how our data is being "protected", even if it does become fully AI or is "trade secret". Also, I agree that it's highly likely VPN companies are CIA backed, knowledge is power and they have a lot of money to back them up. I don't do anything of value for them on my computers. I do enjoy learning how to know you're being watched/tracked.

@@madhatistaken Hmm. if what you say is true then I have the Ultimate test for you. If you really want to see just how far reaching their control of information goes on all global platforms I can tell you, even show you as I have first hand experience. Example. to understand their control mechanisms you simply unleash information we are not supposed to have. I have spent 10 years now gathering and releasing specific information that is 100% forbidden. I have the US Air Force, US Navy, FBI, DHS, Israeli Defense Forces, Anti Defamation League and a dozen or so other govt agencies/private corps all on camera working together to stage attacks on Americans.. I could write a book on how they control/eliminate banned info. I can also name them, show their faces, and their crimes on HD video. Sounds crazy right? Of course, but the problem is I can prove it all. It would be interesting to melt the system with reality but I lack the knowledge on how to do that

Requirements vary widely by company and position. Some positions you can get with just the sec+ and some cyber security projects on your resume. Others will require a bachelors plus several certs to even be considered. I suppose sec+ (if you don't have a bachelors) would be the minimum. The job market is really difficult at the moment, so people need to adopt a continual learning mindset throughout their job application process (and career too) where you continue your education through either certifications or formal college education until you can land that entry job.

​@@madhatistakenwhat exactly would a cybersecurity project be? Building your own labs or? What type of projects would look good on a resume?

Both! My job has me doing a lot of different things. With opportunities to do more if I find the time.

@@madhatistaken Bro,i want to be a splunk engineer but don't know the whole certificate or knowledge/experience path. Does it need expert lvl of coding(i hate coding) or how hard it is to be a splunk engineer? Please make a complete video on it🙏. I can't find any video which contains all these informations and i think u can tell it better than anyone bcz u r in this role r8 now🔥

We used VirtualBox and VMWare all throughout my bachelors courses. I preferred VirtualBox for how easy it was to setup/use. You can even install a copy of KaliLinux on it so you don't have to deal with dual boot 😅 M1/M2 chips made compatibility tough...

You definitely don't need a degree to get into cyber. A lot of government jobs might still require it, however certifications are quickly becoming highly sought after in the private sector. Having a bachelors even unrelated to cyber still shows you're willing to put in the work paired with a few choice certs, you will stand above someone with just certs. Just have to put in the effort to learn the content needed for whatever niche you decide to go after in cyber as it has many roles. A couple of my coworkers now started out from general IT and even a security guard at the company front desk prior to getting into their security analyst roles. My last job I had a coworker who was wicked smart and had a criminal justice degree who transitioned into azure cloud engineering from helpdesk. It's definitely possible! 💚Just have to study up and apply to relevant jobs!

@@madhatistaken Thank you so much, I will definitely follow this guideline

I'm originally from California. Currently still on the West coast. Definitely still a huge market right now, proving your qualifications and experience is the hard part though with everyone and their family applying to these remote jobs 😅

Indeed it is

@@madhatistaken h4xor

There was a good bit of downtime when I started, but a few months in we were all given documentation to do plus I was taken on to do the threat detection project. We aren't micromanaged, so I can make some down time provided the ticket queue is taken care of. My boss and his boss have given talks on how "we're all adults" and as long as work is getting done, then we have some freedom in our daily work. Really is an awesome work environment, albeit the pay is less than average 😅

​@@madhatistakenwould you say 60k is too high for a tabula rasa entry soc role?

Same could be said about programming?

@@madhatistaken I don't know about that. I think that it will be able to give great coding samples to integrate into your application but I don't see it generating a full application debugged and ready for production in the next two years

@@AlienWarTycoon Sweet, I'll pivot to programming once I'm replaced 😎

@@AlienWarTycoonif false positives are still a big problem in todays industry how could you possibly think that soc analyst would be replaced?

@@CyDETECT I was not talking about today.

Too many months

💚🙂

Anyone can get into it if they put in the time and effort! It's an exciting career 🥳