How to Train to Be an IT Security Professional (Ethical Hacker)
In recent weeks, I have had a flurry of emails from fledgling hackers asking me how they should train to become an IT security professional, i.e. an ethical hacker. I have answered this question so many times that I thought I should post my answer here so that everyone can read it.
Although some people choose to go through college and receive a B.S. in Computer Science or Information Technology (IT), many people in this field have no degrees and little formal education. Obviously, I chose to go the college route, but not everyone does. Many of my colleagues are without any degrees, and those that do have degrees often have them in fields other than Computer Science or Information Technology.
I'm not recommending against going to college; I'm simply saying that this discipline is full of people without college degrees. Unlike programmers, who most often do have college degrees, in Information Security, most people do NOT have college degrees in IT or Computer Science.
College education and training will give you the fundamentals of Information Technology, but few colleges offer training on hacking and exploitation. Of course, to really be effective at hacking and exploitation you first must have the fundamentals of information technologies.
If you do decide to go the college route, though, make certain that you get a thorough grounding in networking, operating systems, application programming, scripting, databases, and data structures. Make certain you are conversant in at least one of the major programming languages (C++, Java, C), one database management system (Oracle, MySQL, SQL Server), one scripting language (Python, Perl, Ruby) and, of course, learn as much as you can about Linux/Unix as it is the operating system of choice for every self-respecting hacker (you really can't be a hacker using Windows for many, many reasons). In the real world, hackers use Linux, victims use Windows.
Rather than go the formal education route, many choose the on-the-job training and certification route. Even those with college degrees and even advanced college degrees enhance their education with IT certifications. Our industry is one of the few that places such emphasis on certifications.
The field of Information Security is still so new that many schools don't even offer degrees in it and often will only offer a course or two. This field still values competence and accomplishments over credentials. If you want credentials, there are many certifications that you can get without a college degree that will help you get a start in this field.
Probably the best starting point is the CompTIA Security+ certification. It is a beginner-level certification that covers all the concepts of IT security, but none in any great depth. The U.S. military requires that all their IT personnel pass this certification, including their contractors.
If you don't have the formal education from a college or university in Information Technology, I recommend studying for and passing the CompTIA A+ and Network+ certifications. The A+ is a basic computer skills course working entirely in Windows, and the Network+ is a basic networking concepts and skills course. Both will build you a good foundation. In addition, the Linux+ knowledge and certification will serve you well.
At the highest end of IT certifications, the CISSP from ISC2 and the CISM from ISACA are considered to be the gold standard in IT security certifications. In both cases, they are IT security management and administrative certifications rather than hands-on or highly technical certifications.
In between, we have numerous hands-on certifications. For the aspiring hacker/pentester/ethical hacker, you can choose between the CEH, CPT, CHFI, and CASP. CEH is widely recognized, but not really rigorous. Probably the best CEH courses are offered by InfoSec Institute, which offers the CPT certification with the CEH in a one-week bootcamp. The CHFI is a forensic certification which will complement your hacking. CompTIA has developed a new certification that is gaining wide acceptance: CASP. This certification is most often considered to be a mid-level security certification.
Although not as widely recognized by the industry, there are a number of other certifications you might consider to hone your skills as a pentester/hacker. Offensive Security, the developers of BackTrack and Kali, has a number of hacking certifications that are very demanding. These courses can be quite expensive ($3,000-5,000) to take in person, but Hakin9 is offering an online version for about $1,000 starting in February 2015.
SANS Institute, probably the leading security training firm in the U.S., offers a number of demanding IT security courses including GSEC, GCIA, GWAPT, and GPEN, among many others. These are good, solid, and demanding courses.
In addition, you might consider specialized courses in hacking applications such as Metasploit.
If you are looking to enter this elite field of Information Security/Ethical Hacking, there are many routes to get here. Of course, start off by reading all the posts here on Null Byte, but build a background in a variety of Information Technology disciplines while collecting as many of these key certifications as possible.