Hello all and welcome to my first blog about cybersecurity. My blog would mainly revolve around cyber security, Ethical Hacking, red teaming, networking etc. I will be posting stuff about these topics from time to time. In this blog very basics concepts will be discussed.
What is Cyber Security?
It consists of two terms security and cyber. If we break the word to its literal meaning cyber means computers or machines and security means defending. So in general cybersecurity refers to the practice of defending computers.
Defense from what exactly ?
Unauthorized access to the computers, viruses, scams and much more. Basically the idea revolves around access, who is in control. Also protection from sharing sensitive information. The person who attempts to gain unauthorized access is know as a hacker or an attackers.
What is Ethical Hacking?
Ethical Hacking is the practice of providing authorized attempt to security professionals to prevent any unauthorized access in future.
What are three main types of hackers?
Black Hat
Grey Hat
White Hat
The distinction based on color decides whether the hacker is a good hacker or bad one. To understand the type of hackers we see the ethics. If the hacking attempt was ethical i.e. it was intended to tighten the security of the program, the hacker is known as ethical hacker and it is the White hat hacker. If the hacking attempt was malicious in nature then the hacker is called as unethical hacker or Black hat hacker . Grey hat hacker is the hybrid of white and black hat as they might hack the system but they will never steal money or cause any massive damage, their access is unauthorized.
Ever wondered about the various domains in CyberSecurity? I have listed some of the major ones below:
Cyber Forensics
SOC
AppSec : Application Security
Web Security
Mobile Security
Network Security
There is something called as VAPT lets have a look into that.
What is VAPT?
VAPT stands for Vulnerability Assessment (VA) & Penetration Testing (PT)
Vulnerability: is the weakness in the code of the particular program that can be leveraged by the attacker to gain the access.
Vulnerability Assessment (VA) is finding vulnerabilities (bugs) , assessing them and reporting them ethically.
Penetration Testing (PT) is exploiting the vulnerability and analyzing the worst case of a vulnerability in terms of damage it can cause.
What is free lancing?
It's a worker who works only on a particular project without any further commitment with the employer, such people are often called self employed.
Have you ever heard of freelancing as a security professional?
Answer is bug bounties.
What is Bug Bounty?
Bug Bounty is similar to VAPT but the only key difference between VAPT and Bug Bounty is: In VAPT only a small team works behind a team while in Bug Bounty many hackers work and find bugs on a particular website. In Bug Bounty only those vulnerabilities are considered which are critical while in VAPT vulnerability of any severity can be reported.
Severity of a bug is the extent to which a bug can damage a software under a test.
Bug Bounty platforms links :
Bugcrowd: https://bugcrowd.com
Hackerone: https://hackerone.com
OpenBugBounty: https://openbugbounty.org
NCIIPC : https://nciipc.gov.in
That is it for today's blog. I will be posting stuff as I move a head in my journey of cybersecurity.
BLOG POST BY :SHRIEVE
Posts
0 Comments