Introduction to Offensive Security

What is Offensive Security?   In short, offensive security is the process of breaking into computer systems, exploiting software bugs, and finding loopholes in applications to gain unauthorized access to them. To beat a hacker, you need to behave like a hacker, finding vulnerabilities and recommending patches before a cybercriminal does, as you'll do in this room!   On the flip side, there is also defensive security, which is the process of protecting  an organization's network and computer systems by analyzing and securing  any  potential digital threats; learn more in the digital forensics room.
  In a defensive cyber role, you could be investigating infected computers or devices to understand how it was hacked, tracking down cybercriminals, or monitoring infrastructure for malicious activity.
Careers in cyber security   How can I start learning?   People often wonder how others become hackers (security consultants) or defenders (security analysts fighting cybercrime), and the answer is simple. Break it down, learn an area of cyber security you're interested in, and regularly practice using hands-on exercises. Build a habit of learning a little bit each day on TryHackMe, and you'll acquire the knowledge to get your first job in the industry.   What careers are there?   The cyber careers room goes into more depth about the different careers in cyber. However, here is a short description of a few offensive security roles:
  • Penetration Tester - Responsible for testing technology products for finding exploitable security vulnerabilities.
  • Red Teamer - Plays the role of an adversary, attacking an organization and providing feedback from an enemy's perspective.
  • Security Engineer - Design, monitor, and maintain security controls, networks, and systems to help prevent cyberattacks.