Learned Lessons, Nakerah Podcast

Arabic Version

Table of Content

• Non-Technical
• Technical
  • Reverse engineering and malware analysis
  • Telecom Security
  • Digital Forensics
  • Solution Architect path
  • DevSecOps
  • Exploit Development
  • Operational Technology
  • GRC

Non-Technical

Nakerah Podcast 01, Amr thabet

1. There are many ways to learn if a road does not suit you change it
2. failure at CTF != failure in CyberSecurity Field
3. Branding Yourself is very important besides your technical skills
4. You do not have to be a professional programmer do succeed
5. Having a mentor will save you a lot of time and effort
6. Working on trending Projects, will make people know you better

Nakerah Podcast 02, Ali hadi

1. Parents roles are important
2. There is No 100% right path
3. Continuity is a must
4. It is not a rule that foreign people make the best products
5. Humility is a beautiful thing, regardless of your status or age
6. Reading and writing simple codes is Very important
7. Community are important for improving skills and to be within an Encouraging atmosphere
8. If you want to be good at something, explain it to others
9. Do not compare yourself to others, Just improve yourself
10. Mention people who help you is from high morals
11. Helping others is very good even with a small piece of advice
12. Accept knowledge from anyone regardless of color, education
13. Many people will doubt your abilities, ignore them
14. If you want to create something, make it very well and with a Competitive advantage
15. Your failure is a success too, if you learn from it

Nakerah Podcast 03, Bahaa othman

1. Do not stick with one mentor, learn from every one
2. Getting a job is 50% technical, 50% soft skills
3. Build your network, and ask for help, do not be afraid
4. To secure something you have to understand different aspects of it very well
5. The competition is intense so you should work to build your skills during university and before that if possible

Nakerah Podcast 04, Hassan mourad

1. everyone needs multiple mentors who have more experience in different aspects of life (Social life, Career,..etc.)
2. Work-life balance is a must to be productive not overwhelmed
3. In Cybersecurity most of the times there is a conflict between Business and Security, your responsibility to do the best for both
4. Managing your time and put S.M.A.R.T goals is a must
5. Be flexible and open in the beginning to explore different security tracks.
6. try to put some challenges from time to time to push you to work hard
7. Hardest certificates are easy for who practice very well
8. CISSP should not be perceived as an achievement.
9. Certification is a more of credentials rather than an assured knowledge validation.
10. Multinational companies look for what extra stuff you can do? extra circular activities, something that differentiates you from others.

Nakerah Podcast 05, Moustafa Altantawy

1. Building Your Network is very important, Bigger Network, More opportunity
2. Choose a big goal and small ones to measure your success
3. Your Connection will help you to land your first job
4. LinkedIn from the most important tools to build your network
5. Presence of a mentor will help you to save time and effort and stay away from mistakes
6. One Mentor must be selected for each objective. Having more than one mentor will be a factor in distracting you
7. your Mentor should have reached the goal you want to achieve or something like it 8.SoftSkills are very important. Do not focus on the technical side only and ignore the other, the consequences are dire
8. The common belief that if you were not starting in the field, you cannot act on it is wrong. A lot of system/network Admins have switched to the domain even though they started somewhere else
9. The difference between the environment in the Arab world and the United States is a strong competition. If you thought it is easier outside, you are wrong
10. Strict to your goal, but be flexible to change unsuccessful plans
11. Pentesting not the only field in CyberSecurity, try others
12. be focused on one domain master, it then, move to another
13. Helping others is an effective way to build relationships and gain different experiences. Your explanation of the information will greatly help you to understand and master it
14. OS and Network basics are very important
15. The field of a solution architect requires knowledge of several areas and you usually cannot start with it but only after going through the other different departments and gaining experience
16. To enter the DevSecOps field, you must practice a lot in a High-level language such as Python

Nakerah Podcast 06, Mohammed Askar

1. To master new technology, you must first learn how it works
2. If you cannot get a Mentor, try to get in touch with the existing communities
3. You should write documentation and take notes for every new thing you learn …. Don’t trust your memory
4. When learning something new, you must practice to understand it well, not just reading
5. Sharing your work, even if it is simple, will help you very much in building your Network
6. Participation in open-source projects will give you a good reputation
7. Soft skills and communication skills are very important … not everything is technical
8. Vulnerability researcher should be very good at programming to understand code and write exploits
9. Focus on trending topics to get the biggest return
10. CyberSecurity is not an easy path, so be patient until you see results
11. Receiving information from more than one source will help you to understand it well, but do not over repetition

Nakerah Podcast 07, Osama Hijji

1. During your career, you will go through four phases, each of which takes up to 5 years
   1. The first stage is trying to identify the different fields
   2. The second stage chooses the area in which you want to specialize and focus on it
   3. The third stage delves into a specific part of the field that you have chosen before so that you will be an expert in it
   4. The fourth stage moves to starting your own business or entering the administrative field
2. A job is not the only way to gain experience
3. Research is one of the most important skills in the field of CyberSecurity, so whoever relies on indoctrination will not be able to succeed
4. The Mentor is anyone who can benefit from it
5. Your first job may not be the one you want, so try to learn from it as much as you can at the moment

Nakerah Podcast 08, Sabri Saleh

1. Linux OS is not just kali, try to use a pure Linux distribution like Ubuntu and install your tools to it
2. In the beginning, pick a programming language that you like and try to automate most of your work with it, you will learn faster this way
3. Try to understand vulnerabilities and attacks in depth no just doing the attacks
4. No one knows everything, so just focus on one topic, master it then move to another one
5. OSCP is just an introduction to Penetration testing after that you have to choose your field (Web, Mobile, Network)
6. Practicing on labs like HTB, Pentesterlab,..etc is a must
7. try to communicate with the communities around you
8. Understand the concepts then practice it.
9. To hack A, Learn how A works first
10. Sharing your work and helping others will give you a big boost in your life
11. your first job doesn’t need to be a CyberSecurity related
12. Mentor is good to have, but not a must

Nakerah Podcast 09, Mostafa Siraj

1. You cannot secure something, without knowing how it works
2. System administration and Software engineering Understanding are important to get in CyberSecurity
3. Curiosity is important do not make assumptions try to understand everything
4. Quieter you become the more you can learn
5. Stay away from Vendor-specific learning resource
6. Try to get in the local or online communities related to your field like owasp chapters
7. Participating in opensource projects will give you a big boost
8. Try to listen to CyberSecurity Podcasts, Webinars,..etc
9. Attending conferences is very important
10. In leadership positions improving your team is your first goal

Nakerah Podcast 10, Loay&Yahia

1. Passions is very important to keep going in CyberSecurity
2. Focusing on market trends and hands-on skills are a must to get better
3. Understanding in-depth concepts other than just knowing what the tool does
4. Mentor will help you a lot but if you did not get the chance to find one it is not a problem
5. You may need multiple mentors for multiple levels
6. Master degree will be more suited for people who are interested in Researching and academic area
7. If you are not learning something new at your current job so you’re just wasting your time
8. participate in Opensource project, building tools, join high-quality CTFs are more important than getting expensive certificates
9. Programming is very important otherwise you are a script kiddie using tools
10. Try to do what people do not do, it will make you stand out from the crowd

Nakerah Podcast 11, Omar Sherin

1. Operational technology (OT) or Industrial Control system (ICS) are the technology that controls smart buildings, nuclear reactor, ..etc
2. Supervisory Control and Data Acquisition (SCADA) is one of the families under the OT
3. SCADA is used in the automation of production processes
4. some problems in OT can lead to loss of lives
5. working in OT considers a national duty

Nakerah Podcast 12, Ebrahim Hegazy

1- Mentor will help you to shorten your path but it is not a must
2- Your network will open many gates so try to improve your communication skills
3- programming is very important, do not ignore it
4- try to dig deep and understand every little thing
5- automated tools will not help you, because someone does that before
6- logic vulnerabilities are good to start with as it hard to find by automated scanners

Nakerah Podcast 13, Ahmed Shosha

1. You do not have to be a graduate of CS or engineering school to be a successful security professional.
2. Learning is a journey and not a race. There is no early/late arrivals. Take a decision and start executing.
3. Sometimes we may not be able to figure out our true passion. It’s important to spend enough time in the beginning getting exposed to different tracks…may be you have not hit the thing you like most yet!
4. Being able to finish reading a book in a specific track and enjoying it is usually an indicator that you are a good fit for this track.
5. Being rejected in scholarships does not mean you are not a good fit. Also being accepted does not guarantee you are a good one.
6. Almost all problems can be tackled by persistence.
7. Solid understanding of fundamentals is your interview passing ticket in big companies.
8. There is no one that fits all plan/roadmap. Everyone should do his homework and contribute significantly to building his own plan.

Nakerah Podcast 14, Bassem helmy

1. You have to understand the technology you are working on very well no matter you are in an offensive or defensive part
2. Penetration testing is not the only track in CyberSecurity
3. Hands-on skills are mandatory, not optional
4. In real life, patching and updating are not always an option. in this case, you will have to read the exploit and apply your suitable defense
5. Penetration testing is not just about to exploit the vulnerability. You will need to understand business risks
6. Penetration testing != Red team, but to be a red teamer, you need to be a professional penetration testing
7. Branding yourself is something you must do
8. Wining high-quality CTFs like SANS, Bug-Hunting, Writing tools are gates to brand yourself
9. BugBounty is not just about to find XSS in unknown websites
10. Build your environment, then try to Penetrate it this way you understand what is happening behind the scenes

Nakerah Podcast 15, Hashem Al-azizi

1. Building a Network of connections is more important than sending your CVs to Companies
2. Governance, Risk and Compliance (GRC)
   1. Governance is creating the rules and responsibilities for everyone
   2. Risk management is creating a list of possible risks that may affect the company and try to avoid them
   3. Compliance is the part where we follow the rules of the previous two steps
3. Commitment and discipline are two mandatory soft skills to succeed in CyberSecurity
4. Shifting from the technical side to GRC will not be difficult
5. Mentorship will help you a lot along your path
6. regular and constant effort even though it were little more important than big efforts on irregular interval
7. Sharing your knowledge with others will open doors you do not know about

Nakerah Podcast 16, Abdulrahman Al-Nimari

1. As a CyberSecurity manager you have to be able to explain technical concepts to non-technical managers
2. to get into CyberSecurity you have to understand the basics of Networking and different Operating systems
3. Programming is a mandatory skill to get into CyberSecurity
4. Knowing the basics of CyberSecurity like risk calculating different types of attacks is important no matter the track you will choose
5. Your first job must not be in the CyberSecurity field you may start with the development or system administration field and try to apply your CyberSecurity knowledge in your job
6. The more connections you have, the easier for you to find a mentor
7. You can have multiple mentors for different fields, not just one
8. To move to the Managing side in CyberSecurity you need to understand what Governance, Risk, and compliance mean and prove the project management skills 9. Focusing on the technical side only while you are on the Managing side may be reasons for failure
9. Focusing on the technical side only while you are on the Managing side may be reasons for failure

Nakerah Podcast 17, Bader AlZahrani

1. Specialization is to take one topic and master it, while generalization understands the basics of each topic
2. Your passion and ability to learn will help you to land your first job quickly
3. You have to keep improving yourself, or you will be left-back
4. In your first job, focus on learning from your coworkers. Do not look for a salary
5. If you are not learning or getting experience at your job, so you are wasting time
6. do not get overwhelmed with the number of the topic set a goal and set a deadline for it, then move to another topic
7. How much you know in CyberSecurity there is still a lot to learn
8. Experience and knowledge have more priority than certificates
9. Softskills like reading, communications, and critical thinking is an important part to not ignore it
10. you must simplify your Technical reports as much as anyone can learn it
11. Being Proactive is an important skill that everyone may not have
12. Having a blue and red team in the same organization will have a big improvement in security
13. In digital forensics analysis collecting artifacts process is important to do it once but do it right
14. Lessons learned phase after each incident is important to improve organization security

Nakerah Podcast 18, Osama Kamal

1. Understanding the basics well will help you to overcome the challenges your self and improve yourself quickly
2. SOC objectives may vary from a company to another, but it is better to keep it for detection and response
3. SOC is not a SIEM only
4. downloading free SIEM like Splunk and QRADAR will give you good hands-on skills
5. Understand the basics of the SIEM mechanism very well will help you play around with any available technology
6. Automation of SOC operations is important
7. For a SOC Analyst, it is essential to know offensive techniques
8. Reading without practicing won’t improve you. You need to get some hands-on skills
9. Do not forget to market your work
10. Writing your tools will give you a good reputation
11. Focus on Certificates as a way to learn not just to take it

Nakerah Podcast 20, Ahmed Nabil

1. Having a solid IT backgrouond will help you alot with your security career
2. Microsoft most valuable proffesional (MVP) is an annual award given to the proffesionals who tries to help the community in thier regions
3. Understanding the business of the enviroment you are working in is a mandatory thing for a CISOs
4. Cloud security, Data analytic and its realted as AI and infrastructure security tracks is from the trending tracks in security
5. Azure and AWS are from biggest cloud vendors
6. shifting from on-premise to cloud depends on the business model of yor enviroment
7. Security services provided by cloud vendors will be better than the most of Security services avaliable on-premise
8. MBA will help security proffesionals to understand the business enviroments
9. LinkedIn will help you to get your first job

Nakerah Podcast 21, Ali Alwashali

1. technical Skills required by a digital forensicator are the same required by an incident responder
2. Use Linux as the primary OS to help you understand some concepts you won’t learn while using windows
3. If you like someone in your field, try to do what he does.
4. it is ok to work for no money at the beginning of your career
5. try to practice on open-source solutions as an alternative to the commercial solutions
6. Try to attend most of the events and conferences
7. Try to market yourself by showing off your work instead of sending your CVs everywhere

Nakerah Podcast 22, Ghareeb Saadeldin

1. Malware analysis is considered as a part of Threat Intelligence
2. goal of Threat Intelligence is to know who developed the malware, who is using and what is there motives
3. Advanced persistence Threat (APT) is a type of attacker that targets a specific organization for a particular purpose using advanced technologies
4. To secure something, you have to understand it very well
5. Self-marketing is an essential skill to build your network and help you land decent jobs
6. Try to build new skills and knowledge during your University life
7. Try to be proactive in your work environment

Nakerah Podcast 23, Mohamed Abdelrazek

1. Cybersecurity architects should understand the business environment
2. CCIE certificate is high quality but not the end of the road
3. all security jobs are complementary to each other
4. Try to search for a mentor to guide you through your career
5. Creating your lab will help you practice and improve your hands-on skills
6. Your reputation is your capital
7. Understanding IT basics is essential to build a solid security foundation

Technical

1. Basics of systems and networks are a must to start in CyberSecurity Carrer
2. Opensource projects will help you understand concepts in depth

• Reverse engineering and malware analysis

  • Learn Cyber kill chain and malware goals
    1. MITRE attack
    2. practical malware analysis book
    3. read malware samples reports
  • Learning and understanding programming language and reverse engineering
    1. Programming language basics
    2. Assembly
    3. Reversing: secrets of reverse engineering book
    4. Windows internals: Identifying malicious code through windows internals book
  • Practicing
    1. crackme
    2. download malware samples and try to analyze it

• Telecom Security

  • 3GPP security standard
  • 1GSMA security guidelines
  • ITU security Standards

• Digital Forensics

  • Basics of OS and programming
  • reading others writeups
  • DFIR training
  • Ashemery.com
  • Incident response and digital forensics book
  • Applied incident repsonse book
  • Introductory computer forensics: a hands on practical approach book

• Solution Architect path

  1. Solid background in Networking and systems
  2. Multiple fundamentals knowledge in different security fields
  3. Software Development skills
  4. good experience

• DevSecOps

  1. Start with a high-level scripting language (Python, Ruby, go)
  2. Practice, Practice, then practice
  3. understanding Linux in depth
  4. Learn cloud integrations and how to use it.
  5. always think about automating manual stuff.

• Exploit Development

  1. Mastering the architecture that you will be working on
  2. Study the types of vulnerabilities and master them
  3. Improve your programming level
  4. Start applying what you have learned to real-life scenarios
  5. Patience, because often the first bug will not be easy

• Operational technology

  1. Understanding network Security
  2. Understanding embedded systems security
  3. Basics of Electrical Engineering and Production Engineering to be aware of the work enviroment
  4. OT protocols
  5. https://www.robertmlee.org/a-collection-of-resources-for-getting-started-in-icsscada-cybersecurity/ free sources to get into OT security

• GRC

  1. Security Essentials covered in
     1. Network+
     2. Security+
  2. Getting into GRC:
     1. ISO 27001
     2. ISO 27001 LA
     3. CRISC
     4. CISA
     5. CISM
     6. COBIT2019
     7. CGEIT

• Cloud Security

  1. Understanding the foundation of the clouds and cloud security
     1. https://cloudsecurityalliance.org/
  2. Understanding architecture of the cloud vendors
     1. https://docs.microsoft.com/en-us/learn/certifications/roles/solutions-architect
     2. https://aws.amazon.com/training/learn-about/architect/

---