Information Security—also called Cybersecurity, or InfoSec—is arguably the most interesting profession on the planet. It requires some combination of the attacker mentality, a defensive mindset, and the ability to constantly adapt to change. This is why it commands some of the highest salaries in the world.
InfoSec is such a big field, however, that it’s useful to break it up into sections. I’ve done this over the 20 years that I’ve been writing about security, and here are some of the topics you might find interesting.
Sales and marketing teams often conflate these definitions, leading to confusion in the industry.
- Offensive Security Testing
- Security Assessment Types
- When to Use Different Types of Security Assessments
- The Difference Between Pentesting and Red Teaming
- The Difference Between Red, Blue, and Purple Teams
- The Difference Between Threats, Threat Actors, Vulnerabilities, and Risks
- The Difference Between Events, Alerts, and Incidents
My cybersecurity career guide takes you step by step through the process of building a security career.
- Building a Security Career
- Security Team Types
- Security Definitions
- Security Philosophy
- Security Concepts
Attack
- Security Assessment Types
- The Difference Between a Vulnerability Assessment and a Penetration Test
- The Difference Between Red, Blue, and Purple Teams
- A Masscan Tutorial
- A Bettercap Tutorial
- How to Use Shodan
- When to Use Vulnerability Assessments, Pentesting, Red Team Assessments, and Bug Bounties
- Purple Team Pentests Mean You’re Failing at Red and Blue
- An nmap Primer
Defense
Assorted
- My Information Security Blog Posts
- Information Security Definitions
- The Difference Between Threats, Vulnerabilities, and Risks
- How to Build a Successful Information Security Career
- The Birthday Attack
- Information Security Interview Questions
- Encoding vs. Encryption vs. Hashing
- Diffie-Hellman Explained
- The Difference Between the Internet, the Deep Web, and the Dark Web