In Malcolm Gladwell’s bestseller Outliers, he wrote about the “ten-thousand-hour rule.” No one succeeds at a high level without innate talent, he wrote. But no one succeeds without practice, either: “achievement is talent plus preparation.” Discussing his book in an article in The New Yorker, Gladwell noted that “the closer psychologists look at the careers of the gifted, the smaller the role innate talent seems to play and the bigger the role preparation seems to play.” There are no “naturals” in cognitively demanding fields, he argued. “Nobody walks into an operating room, straight out of a surgical rotation, and does world-class neurosurgery.”
The same is true for cyber security. No one walks out of a classroom and into a company to perform world-class cyber security. People need to practice first – run through tests, anticipate vulnerabilities, entertain real-life scenarios. Access to a wide range of network security software is a good start – but access doesn’t equal protection. Cyber security professionals must be practiced at putting that software to use. Security testing tools are the key to a protected company.
Security testing tools are used “to observe an application and test its functions to detect as many security issues as possible to prevent hackers from penetrating.” In other words, security testing tools are practice. They allow cyber security professionals to look at an application from every angle, to study and assess its weaknesses, and to address those failings before a bad actor can wreak havoc.
Tools allow the cyber professional to automate many critical cyber functions. Splunk, for example, is considered a workhorse for its ability to ingest, report on, and monitor large volumes of data. Want to get under the hood and really see what’s going on? Then you need to understand not only what Wireshark is, but how to use it to see what’s happening at the packet level. Without a basic understanding of how to use a tool and for what purpose, you can’t really understand the application or analyze it. First understanding, then analysis.
Being able to master the basics as a security expert is an important first step in identifying any weaknesses a system may have and the potential exploits that can be used. For anyone who wants to know where to start, a good place would be to check out the wide range of tools available in CYRIN’s labs.
Some of the most popular tools we use every day in our CYRIN labs have been combined into a new tools package subscription. In the best CYRIN tradition, these tools allow you to test, train, penetrate, and defend your systems in a real-world simulation. Some of our favorite tools are showcased below. They are also part of a new set of packages we have for the cybersecurity professional.
Wireshark, considered by many to be the essential tool for security professionals and network engineers, can be found in our Incident Response Category in CYRIN lab: Protocol Analysis I: Wireshark Basics.
Splunk. If you talk about powerful tools, you have to mention Splunk, which searches, reports, monitors and analyzes large volumes of real-time streaming and historical IT data. Look for it in our Network Monitoring and Recon Category in CYRIN lab: Log Analytics with Splunk.
Sparta is also considered one of those “essential” tools that saves time and simplifies network penetration testing with easy GUI access to your toolkit. Spend less time on setting up commands and tools, creating more time to focus on analyzing results. Look for it in our Vulnerability Scanning Category in CYRIN lab: Automating Security Analysis with SPARTA.
Metasploit — some people call it the world’s most used penetration testing framework. Look for it in our Vulnerability Scanning Category in CYRIN lab: Introduction to Metasploit.
IPtables is a flexible firewall utility built for Linux operating systems. Students will learn to configure a network firewall using the standard Linux iptables module. Look for it in our Secure Network Setup Category in CYRIN lab: Firewall Configuration with IPtables.
BIND is probably the most used DNS software on the Internet. Students will learn about split horizon DNS configuration. Don’t allow the hackers a pathway to your internal network. Find it in our Secure Network Setup Category in CYRIN lab: Split-Horizon DNS Configuration using BIND.
File System Forensics – it’s important to know what happened to your system. File System Forensics gives you the basics as you attempt to run your own “CSI” investigation. Find it in our Forensics Category, in CYRIN lab: Introductory File System Forensics.
SSH Server Configuration. Proper setup of the OpenSSH remote administration tool, including its security-relevant settings, is critical, and this lab teaches it. Look for this tool in our Secure System Setup Category, in our CYRIN lab: SSH Server Configuration.
VPN Configuration with Linux/OpenVPN. OpenVPN provides Virtual Private Network solutions for a user or organization. Properly configured, a VPN can ensure privacy and security for remote connections to your personal or organizational network. Find out about this important topic in our Secure Network Setup Category, in CYRIN lab: VPN Server Configuration with OpenVPN.
To see any of these tools in more depth, check out our catalog at https://cyrin.atcorp.com/catalog/course_catalog.pdf
Now you can subscribe to a unique package of tools – put together by the CYRIN team.
Tools — CYBER Defender Package
Essential Tools for Cybersecurity
Lab: Protocol Analysis I: Wireshark Basics
Lab: Introduction to Metasploit
Lab: Introductory File System Forensics
Tools — CYBER Network Engineer Package
Essential Tools for Network Engineering
Lab: Firewall Configuration with IPtables
Lab: VPN Configuration with Linux/OpenVPN
Price for each package: $495 for a 6-month subscription.