Sunday, November 17, 2024

Security Testing Journal Entry | w/e Friday November 15, 2024 - "Extra CISSP-ie" Ed.


Highlights for the week

Had an awesome time this week. Got paired up with another pair of talented individuals who have really taken the time to teach me some things. I have a quick test with my manager that I'm looking forward to and I have been offered the idea of combining what I know with what I've done, mainly in the avenue of training. Intriguing prospect to say the least.

Also, CISSP training is over, but the fun has just begun. I have to circle back to the areas I was weak at and redo them. My goal is to take another test then the modules and if I get consistent 70% or better, I'm going to take the test.

What We’re Grateful For

  1. Holidays are in full swing, and I'm super-grateful that I have a job and the resources to make things happen.
  2. As always, grateful for an awesome family, awesome job, and everything in between.

What We Loved

  1. Everything!

What We Learned

  1. More Network Pen testing things. Picture is getting clearer with each engagement.
  2. CISSP is over, and the cert training is in progress. Need to sign up to get certified.

What We Longed For

  1. Nothing.

What We Loathed

  1. Nothing this week.

Sunday, November 10, 2024

Security Testing Journal Entry | w/e Friday November 8, 2024 - "Get workin' on Network'n" Ed.


Highlights for the week

Had a tremendous week full of learning, writing, and interviewing. Got to conduct my first onsite test, met my manager in person, and learned a lot more about network pentesting.

What We’re Grateful For

  1. Just like I wrote last week, I'll never stop thanking the good lord for the wonderful job with wonderful people.
  2. With the holidays in full swing, I'm ever grateful for having a wonderful family and the means to provide.

What We Loved

  1. Looooved getting to work with my manager and conducting an onsite security assessment. Met some cool nurses too.
  2. Loved working with a co-worker patient enough to teach me a little more about getting network pen testing scans started.
  3. Thrilled that I got to write my first pentest report. The feedback was great.

What We Learned

  1. CISSP is in the final throes. 1 more chapter and I'm done. Need to circle back on the weaker chapters.
  2. Learned how to use recon-ng to perform OSINT on an IP.
  3. Learned how to set up my first internal and external network scan.
  4. Sent my first client communication.

What We Longed For

  1. Nothing!

What We Loathed

  1. Not really a loathe, but my project teammate was missing a bit and the project report is behind schedule by a bit. On a personal level, I don't have much to loathe.

Saturday, November 2, 2024

Security Testing Journal Entry | w/e Friday November 1, 2024 - "Rabbit Rabbit" Ed.


Highlights for the week

Another week in the bag and I can't help but feel super-blessed. I have a mother who continues to be amazing, even if a bit overzealous with her affection. I have an awesome job where everyday ... EVERY DAY! ... I learn something. I'm blessed with an awesome wife who has a gift for event planning. We're on our way out to a "Dia De Los Muertos" event that follows on the heels of Halloween. And we live in a picturesque neighborhood straight out of a Norman Rockwell painting. The vibe was amazing.

As stated before, work continues to be a blessing. I'm so glad I'm not looking at it with rose-colored glasses, but I am loving every minute of it, the good and not-so-good (more on that later). Plus I'm traveling in a bit and working onsite with manager and co-workers. Tune in next week for more on that.

Of course ... rabbit rabbit! and the many blessings of having continued success and more importantly, not to f** it up.

What We’re Grateful For

  1. As stated before, doubley blessed to have an amazing job. I don't think I will ever stop thanking God for this wonderful opportunity 15 years in the making.
  2. Grateful to have an awesome family, food, good health, and so much more.
  3. Grateful to have a mentor that continues to teach me things. I'm happily passing that knowledge on to others.

What We Loved

  1. Loved my engagement. Network Pentesting continues to be a weak area, but the more I keep doing, the stronger I get. Same goes for reporting.

What We Learned

  1. CISSP - Finished the section on testing and working through the section on security operations. Falling behind on the upcoming chapter, but I hope to be caught up by EOW. Too many fun family activities.
  2. Learned a little more about external network pen testing process. Will be writing a blog on that shortly.

What We Longed For

  1. As always, more time for studying and exercising. I will say waking up early and getting the day started after a workout has been amazing. Need to stay consistent.

What We Loathed

  1. Fitness routine took a hit this week. My workout has been sporadic at best, but I can forgive myself since its holiday season.
  2. Minor loathing, but one negative about my job has been the lack of training. I was paired with a great co-worker that has been absent most of the project. It took me reaching out to my mentor to fill in the gaps. I'm a day wiser, but not much else. Sooo glad I wrote up the report early.

Saturday, October 26, 2024

Security Testing Journal Entry | w/e Friday October 18/25, 2024 - "Doc Doc" Ed.


Highlights for the week

I'm behind on posting. I was too busy last week and this week was uneventful at work. My routine lately is gym > study (1 hr.) > work > study (2 - 3 hrs) > sleep. Obviously time for eating, but my primary focus is CISSP. Not something I wanted, but I'll accept it. 2 months into my Cybersecurity career and I'm already tasked with earning my "black belt" .. epic!

What We’re Grateful For

  1. Grateful for an awesome job with great paycheck and great people.
  2. Grateful for an awesome family.
  3. Grateful for good health.

What We Loved

  1. I love that I get to wake up and have a job to look forward to.

What We Learned

  1. CISSP - need to focus more on the Access Control List nuances, otherwise time is not on my side. Still need to take the mid-term.
  2. Learning that some co-workers are not totally into teaching me the "how" of conducting a pen testing work, especially network. They're good at doing!

What We Longed For

  1. 2 months into my career and I don't feel any smarter than when I started. The task of working through the documentation has been very informative. Calling that my OTJ.

What We Loathed

  1. So far, I'm loathing the feeling of being un-prepared for the work I'm supposed to be doing.
  2. On a personal, I'm hating myself for caving to temptations that I was rid of. I should ignore that little voice that wants a "peak" of the smut. I made it to they gym but I hijacked my sleep. Never again!

Friday, October 11, 2024

Security Testing Journal Entry | w/e Friday October 11, 2024 - "Collab, So Fab" Ed.


Highlights for the week

Another fun week in the bag. Spent my work week neck-deep in overhauling my job's internal documentation. Overall, it was a labor of love. In the process, I got to read about how things get truly done and learned some new things. Most importantly, I'm filling in the blanks regarding Network Pen Testing, an area I know I'm lacking.

The CISSP Chapters are long and tedious. Not hard, but definitely not totally easy. It comes down to a lot of information to absorb.

What We’re Grateful For

  1. I love that I GET to have a job where I can collaborate with great people and learn new things.
  2. I love that I GET to study for a certification. Its tough finding time and energy, but its awesome nonetheless!
  3. I love that I GET to see my family happy. We're in the hole financially, but digging ourselves out with big shovels.

What We Loved

  1. Loving the job more and more.

What We Learned

  1. All things CISSP. Need to manage my time more effectively, but I'm squeezing what I can when I can.

What We Longed For

  1. More time. Getting up at 5am to work out has proven beneficial .. when I wake up.

What We Loathed

  1. Nothing loathesome except reddit posts that are at best, low effort.

Saturday, October 5, 2024

Security Testing Journal Entry | w/e Friday October 4 , 2024 - "Quiet Week, Documents Galore" Ed.


Highlights for the week

It was a quiet week regarding testing, but that gave me an opportunity to work on documentation. I read through all of them and did a complete make-over. It taught me a lot. Next week three weeks is going to be a tremendous upswing. Lots of work on the horizon.

What We’re Grateful For

  1. A great job with awesome people, making good money to get out from the credit card debt!
  2. A loving family, as always!

What We Loved

  1. Doing all things security.

What We Learned

  1. Last week, it was all algorithms and cryptography (Asymm / Symm / PKI, etc.).

What We Longed For

  1. For once, nothing to long for except more time and energy; perhaps a better memory to absorb all the knowledge.

What We Loathed

  1. CISSP quizes are tough. I'm hovering at 70% passing rate. Not happy, but not broken up about it. It's all about the nuances of the question.

Sunday, September 29, 2024

Security Testing Journal Entry | w/e Friday September 27, 2024 - "First 30 in Cybersecurity: Days Done!" Ed.


Highlights for the week

First 30 days in cybersecurity done and I've learned a quite a bit. The process of testing (from scope to reporting), and following up with clients is fundamental to consulting. I participated in my first desktop pen test which was interesting. The lead moved faster than I anticipated, but I did the best I could to capture what I could as far as notes.

What We’re Grateful For

  1. Having an awesome job with great people. Always learning something new week to week.
  2. Grateful there's still money available for food. This is helping offset the large bills coming my way
  3. As always, my gratitude for family and friends will never go unmentioned.

What We Loved

  1. Everything about the job so far. Need to keep to the commitment of doing well, asking questions, and tracking my work. I won't repeat the mistakes of the past.

What We Learned

  1. CISSP - last week: Business Continuity, Disaster Response Planning, and more.
  2. CISSP - this week: (playing catch-up) Criminal investigation, Cryptography, Code of Ethics / ISC2 Code of Conduct, and more.

What We Longed For

  1. As always, more time. Balancing time with priorities is proving a challenge. But waking up at 5am to start the week has been rewarding.

What We Loathed

  1. Nada!