this post was submitted on 12 Jul 2023
29 points (100.0% liked)

cybersecurity

64 readers
1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

Hello! My name is Mike and I am an infosec engineer with 10+ years experience. I've worked in GRC, Vulnerability Management, PenTesting & AppSec. I have 17 SANS certs (I have a serious problem) and I'm also an infosec community enthusiast and creator/mod for /c/cybersecurity. AMA!

you are viewing a single comment's thread
view the rest of the comments
[–] thundergun@infosec.pub 2 points 1 year ago (1 children)

Hey there Mike. Thanks for doing this. With AI/ML changing the face of infosec, what do you predict infosec will look like in 5 years?

Also as a fellow SANS enjoyer, it's great training. What are your top 5 SANS courses and why is GREM number 1?

[–] shellsharks@infosec.pub 4 points 1 year ago

Good Q, I'm no AI/ML expert by any means but I do think it's effects on the infosec industry will be muted to some extent, at-least in the 5 year time scale. I can see companies toying with the idea of AI-based capabilities replacing junior staff but from what I've seen from these tools thus far I don't think it would be particularly efficient to do so. Instead, I see AI being a force-multiplier / filling in existing gaps in the security workforce. Beyond 5 years who knows. The tech could progress to a point where it truly is capable of replacing human operators, even for cyber roles. The beauty of infosec though (as opposed to other tech disciplines like software engineering) is that too often we are thinking of ways to circumvent human thinking, and for AI models that were trained on how humans have traditionally thought, they are innately poor at this.

Top 5 SANS courses oh man... I'll give it a shot.

  1. SEC503 / GCIA (Intrusion Detection)
  2. FOR610 / GREM (Reverse Engineering)
  3. SEC564 (Red Team Ops)
  4. SEC460 / GEVA (T&VM)
  5. SEC450 / GSOC (Sec Ops)

I think 503 is the most valuable SANS course and I had a great instructor during my run. GREM was super technical and really fun. Not something I get to do with my day job. SANS Red Team course was really cool to learn the distinction between Red Teaming and Pen Testing, though it was only a 2-day course at the time. Both 460/450 were actually really amazing curriculums both with top notch instructors/course authors. Can't recommend them enough despite the fact they are 400 level courses.