Full Stack Security Analyst #71

krmaxwell opened this Issue May 7, 2015 · 2 comments


None yet

2 participants

@krmaxwell krmaxwell self-assigned this May 7, 2015
@krmaxwell krmaxwell added in progress and removed ready labels May 7, 2015
@krmaxwell krmaxwell closed this in #72 May 11, 2015
@krmaxwell krmaxwell removed the in progress label May 11, 2015

Conversation provoking stuff! While I do think the nature of the industry right now is that everyone has to be a generalist, I think its moving away from that. Much like how all doctors used to be general practitioners, now all doctors receive the basic core training needed and then go into residencies to specialize. Furthermore, you see a similar style of training in the military. Everyone shoots a rifle, but after that it varies. I think we are rapidly approaching a time where DFIR folks MUST specialize to be effective and marketable, but it is important to have a collective set of baseline skills in some of the areas you mention here.


Thanks for the thought-provoking comment. To some extent, I think DFIR is already the start of a specialization, though clearly we can drill down from there (reverse engineering, system forensics, packet analysis, etc.) But if your role is DFIR per se, you need a broad foundation even if you become a specialist in investigation.

Certainly, though, specialization to an extent is required, otherwise we wouldn't have folks able to do some of the highly technical things we need in this field.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment