Some handy resources for people looking to start a career in Information Security, specifically in Blue Team/Defensive type roles in Australia. This is not intended to be an exhaustive list, but as a companion to talks that I occasionally give on the topic.

Building Security in Modern Environments

• A playbook for implementing effective DevSecOps practices, also useful as an intro to the space.
  • https://github.com/6mile/DevSecOps-Playbook
• Zero Trust Architecture is rethink of traditional enterprise security models, designed to avoid many of the problems of conventional perimeter based architectures. It's commonly referenced in job ads etc, so it's useful to know what it is. Google have written about their implementation: BeyondCorp.
  • https://www.usenix.org/publications/login/spring2016/osborn

Attacks and Attack Techniques

• Mitre ATT&CK is the industry standard for discussing threats.
  • https://attack.mitre.org/matrices/enterprise/
• Hacking techniques in cloud environments.
  • https://hackingthe.cloud/
• Detailed reports of "Real Intrusions by Real Attackers"
  • https://thedfirreport.com/

Incident Response and Detection Engineering

• The specialisation of detection engineering defined. The role overview diagram is a good summary of how many Security Operations functions are organised.
  • https://cyb3rops.medium.com/about-detection-engineering-44d39e0755f0
• These AWS workshops help you understand ways that intrusions happen in cloud, and how to investigate them. Free, but you run them in your account so you'll pay for the resources you use. As long as you delete everything after your done, that cost should be pretty low.
  • https://aws.amazon.com/blogs/security/aws-cirt-announces-the-release-of-five-publicly-available-workshops/
• BOTS is a blue-team, jeopardy-style, capture-the-flag-esque (CTF) challenge centered around the type of real-world incidents that security analysts face regularly.
  • https://bots.splunk.com/

Newsletters

• Both of these weekly feeds focus on cloud security.
  • https://tldrsec.com/
  • https://cloudseclist.com/

Podcasts

• I only listen to one security podcast these days.
  • https://risky.biz/

Conferences, meetups and support groups

• Monthly meetup in Sydney. A (usually technical) presentation and an opportunity to meet some security people.
  • https://www.sectalks.org/sydney/
• If you identify as female and live in Australia, I recommend AWSN. They do a lot to support women in Cyber, with mentoring, training etc.
  • https://www.awsn.org.au/
• There are lots of security conferences in Australia!
  • https://github.com/Infosec-Community/APAC-Conferences
• Many cons share recordings of talks. Two examples:
  • DEFCON 32: https://www.youtube.com/playlist?list=PL9fPq3eQfaaB2scbXRczwvjVH0ckX4bwt
  • BSides Canberra 2024: https://www.youtube.com/playlist?list=PLqJd3UBdW7z6K_hJgv5uRAnT0LoOLBofW

Certs and training

• There's plenty of security cert resources out there, so I won't duplicate them here. I'm not a huge fan of certs in general, but I do think Cloud Security is an important area to cover. This AWS one is quite a good general course.
  • https://aws.amazon.com/certification/certified-security-specialty/
• Chris Sanders has amazing training with good value. This free one is a good overview of the space.
  • https://chrissanders.org/training/cuckoosegg/

Misc

• Not perfect, but a good crack at mapping out the cybersecurity landscape/industry on a single page.
  • https://www.linkedin.com/pulse/cybersecurity-domain-map-ver-30-henry-jiang/