This post provides an in-depth discussion of offensive security, explaining its key concepts, the job roles, and the certifications associated with the field. Additionally, we compare offensive security with defensive security and provide a writeup for the TryHackMe room Intro to Offensive Security.
Please watch the video at the bottom for a full, detailed explanation of the walkthrough.
Definition of Offensive Security
Offensive security involves breaking into computer systems, which includes exploiting vulnerabilities or misconfigurations to gain access. It is not about damaging the system but about compromising it to identify weaknesses. Two primary branches include:
- Penetration Testing (Pen Testing): A legal, authorized process of testing systems for vulnerabilities.
- Hacking: Can be legal or illegal; the techniques involved are similar to those of penetration testing, and whether it is ethical or unethical depends on whether the activity is authorized.
Offensive Security Methodology
Offensive security professionals follow the cyber kill chain, which includes steps like scanning, weaponization, delivery, exploitation, and performing actions on objectives. These are performed either legally (as a penetration tester) or illegally (as a hacker).
Offensive Security Mechanisms
Offensive security work centres on identifying vulnerabilities, bugs, or security misconfigurations, such as insecure file permissions or unpatched systems.
Social engineering is also a critical aspect, where attackers trick individuals into providing sensitive information, such as passwords.
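As an added illustration (not part of the original post or the TryHackMe room), here is a small defender-side audit that flags the kind of insecure file permissions mentioned above: world-writable entries, setuid/setgid executables, and private keys readable by other users. The sample tree, file names and the private-key naming heuristic are assumptions.

```python
import os
import stat
import tempfile


def _looks_like_private_key(name):
    # Naming heuristic (assumption): SSH identity files and .pem/.key material.
    return name.endswith((".pem", ".key")) or (name.startswith("id_") and not name.endswith(".pub"))


def audit_permissions(root):
    """Report (relative_path, issue) pairs under `root`: world-writable entries
    (sticky directories such as /tmp excepted), setuid/setgid regular files,
    and private-key files readable by group or others."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode  # lstat: judge the link, not its target
            except OSError:
                continue
            if stat.S_ISLNK(mode):
                continue
            rel = os.path.relpath(path, root)
            sticky_dir = stat.S_ISDIR(mode) and bool(mode & stat.S_ISVTX)
            if mode & stat.S_IWOTH and not sticky_dir:
                findings.append((rel, "world-writable"))
            if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((rel, "setuid/setgid"))
            if stat.S_ISREG(mode) and _looks_like_private_key(name) and mode & (stat.S_IRGRP | stat.S_IROTH):
                findings.append((rel, "private key readable by group/others"))
    return sorted(findings)


def build_sample_tree():
    """Constructed sample tree (not from the room): one entry per issue plus
    two correctly permissioned entries that must not be reported."""
    root = tempfile.mkdtemp(prefix="permaudit-")
    for name, mode in [("uploads", 0o1777), ("dropbox", 0o777)]:  # sticky vs. not
        os.mkdir(os.path.join(root, name))
        os.chmod(os.path.join(root, name), mode)
    for name, mode in [("notes.txt", 0o666), ("helper", 0o4755),
                       ("id_rsa", 0o644), ("safe.txt", 0o640)]:
        with open(os.path.join(root, name), "w") as f:
            f.write("constructed sample\n")
        os.chmod(os.path.join(root, name), mode)
    return root
```

Running `audit_permissions(build_sample_tree())` reports the four misconfigured entries and stays silent on the sticky upload directory and the 0640 file.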
Comparison with Defensive Security
Defensive security is about protecting systems from attacks, using tools such as firewalls, intrusion detection systems (IDS), and incident response plans to mitigate threats. The goal is to ensure that systems are secure enough that penetration testers cannot gain access.
Careers and Job Roles in Offensive Security
Penetration Tester: Tasks involve testing for vulnerabilities in systems, with roles ranging from junior to senior positions.
Red Teaming: A more comprehensive role than penetration testing, where a team mimics adversaries to simulate real-world attacks and assess an organization’s defenses. This includes studying adversary profiles, often using the MITRE ATT&CK framework for tactics, techniques, and procedures (TTPs).
Defensive Security Careers
Job roles include security analysts, network security administrators, incident response team leads, and SOC (Security Operations Center) analysts. Defensive professionals often work in SOC environments to monitor and maintain security across networks.
Offensive Security Certifications
OSCP (Offensive Security Certified Professional): A popular and highly regarded certification.
CompTIA Pentest+: A newer certification that includes both theoretical and scenario-based questions. Other certifications from providers such as eLearnSecurity are also mentioned.
Defensive Security Certifications
CompTIA Security+ and Cisco CyberOps for entry-level certifications.
CISSP and CISM for management-level certifications.
SSCP as an alternative to CompTIA Security+ for deeper coverage.
Auditing and Compliance
Auditing involves ensuring compliance with cybersecurity frameworks and regulations, such as ISO 27001, NIST, PCI DSS, and HIPAA.
Auditors conduct risk management and analysis, identifying natural and human risks (e.g., hacking or human errors). Risk assessments result in a matrix, which helps decide if risks should be accepted, transferred, or remediated.
Risk Management
Risk management is the process of assessing the probability and impact of risks, and then developing strategies to accept, transfer, or mitigate them.
Room Answers | TryHackMe Intro to Offensive Security
Which of the following options better represents the process where you simulate a hacker’s actions to find vulnerabilities in a system?
Offensive Security
Above your account balance, you should now see a message indicating the answer to this question. Can you find the answer you need?
BANK-HACKED