Special Interest Group on Security
Welcome to SIG: SEC! This is Tristan writing; I’m one of the students who likes to specialize in Security topics at L&C. To meet more security folks, or the L&C CS community in general, I’d recommend you join our slack channel and keep an eye on #general and #security. We like to share resources, news, and L&C happenings that you may find interesting.
Common questions I get are from people looking to “get started” in security; and while I’m hardly an authority by any definition, I have collected a list of resources in the last few years, mainly by pestering my older classmates with the same questions. So here’s a few things I recommend that new folks check out, that I myself have gotten good use out of:
General / intro to Security:
The NCL CTF: This is a great CTF (capture the flag) exercise that runs twice a year, which demonstrates a really good range of all the basic security concepts. It’s $25, but money well spent.
Security Now (Podcast): This is the single best resource I’ve used in my young IT career. For the first few months I listened, I had no idea what anyone was talking about; what I did was write down every word or phrase I didn’t recognize, looked it up, and wrote myself a glossary of security terms and concepts. Doing that for a few months gave me the skillset to keep up in conversation without feeling completely lost. The podcast covers newly published research papers, news, and general security happenings, it’s 2 hours a week, and I highly advise checking it out.
Hackerrank: a nice place to get started learning programming. For security, Python has been the go-to in my experience, but Bash, C, and Go knowledge will help you out too.
Hackthebox: This site is a bit more advanced, not as beginner friendly. It hosts some pentesting simulations that make great practice. Getting started, check out some of the guides for older machines to learn the methodology of the whole thing.
Similar services: vulnhub
I hope this page is somewhat helpful for people looking to get started in security. Feel free to email me (email@example.com) with any more questions, L&C student or not, I’d love to answer any questions you have!