Ask HN: Is specializing in these cybersec domains a good direction to take?
Hey, this is my first time asking here.
A bit about myself: I'm currently a cybersecurity student at a university, not in the US. Things are a bit different in my country, but to give you an idea of my academic background, we can say it's similar to having a bachelor's degree in computer science, and now I'm in a master's cybersecurity program.
Recently, I have been thinking that I should specialize in some cybersecurity domains. The motivation for this thought process is that cybersecurity is a huge multidisciplinary field, and you can't be an expert in everything (network security, IAM, cloud security, Android security, Windows security, etc.).
Before specializing, I believe it's important to have a solid foundation, and I think I do. My background includes:
- Networking: LAN (equipment, VLAN, subnetting, routing), WAN, dynamic routing, firewalls, network services (DNS, DHCP, NFS, SAMBA), OSI model, different TCP/IP protocols...
- Programming: HTML/CSS, JS, C/C++, Java, Python, and shell scripting.
- A good understanding of Linux, cryptography, among other topics.
Now, the question is: which domains should I focus on? After doing some research (https://pauljerimy.com/security-certification-roadmap/), and based on discussions with my professors and on my personal interests, I have chosen the following areas:
- OS Security
- Malware Analysis
- Digital Forensics
Thus, I plan to delve deeply only into these domains. For example, regarding OS security, my plan is to:
1. Study the theory of how operating systems work. For this, I have begun reading the famous book "Operating Systems: Three Easy Pieces". You might wonder why I'm revisiting this topic since I have a bachelor's in computer science; the answer is that most courses don't go into too much detail, and I want to refresh my memory.
2. Explore the design decisions of specific operating systems (for Linux, I plan to read "Linux Kernel Development" by Robert Love; for Windows, I will read "Windows Internals").
3. Participate in CTFs and challenges that focus on OS security.
The goal of this post is to share my thoughts and to ask the community what they think of this thought process. Any thoughts, tips, or recommendations are very welcome.
EDIT: formatting.
I thought about it about 20 years ago, found you could actually get a lot of crap for publishing on the subject, and decided I’d rather build systems than take them apart.
>found you could actually get a lot of crap for publishing on the subject
Can you clarify what you mean, please?
Lawsuit threats. Targeted hacking. That kinda stuff. Wasn’t a target of targeted hacking but knew grey hat (blue hat?) people who crossed the line and got hit.