Did you know that the words ‘offensive’ and ‘defensive’ can be used in the InfoSec domain as well? If you follow my writings on information security, you might realize that the InfoSec domain itself feels different for one set of posts and different for another set of posts… The two distinct classifications are ‘offensive security’ and ‘defensive security’.
Which part of security interests you depends on you and you alone, but security might never be an independent task, and it might be a combination of both that you face at work every day. Having said that, let us move on to see what is meant by ‘defensive’ and ‘offensive’ security.
Defensive security:
Conventional security is mostly termed ‘defensive security’. ‘Defensive security’ deals with security mechanisms that defend the business/home environment, like firewalls, VPNs, anti-virus definitions and more. Just like with other applications of the word ‘defensive’, ‘defensive security’ is more of a reactive approach. We install anti-virus software to keep out viruses and firewalls to block intrusion attempts, work with business continuity and disaster recovery experts, and draw up security plans to protect the organization, but we do not tear the system down to find the vulnerabilities in it. This is ‘defensive security’.
Offensive security:
‘Offensive security’, on the other hand, is the exact opposite of ‘defensive security’. It is like performing a root canal treatment on the business and personal systems to unearth the various vulnerabilities in systems and seal them effectively! Ethical hacking, pen testing, vulnerability assessments, digital forensics and advanced attacks all come under the umbrella of ‘offensive security’. Offensive security involves attacking and pen testing live systems. Offensive security mechanisms are much more intensive than defensive security tactics.
There are numerous offensive security certifications, but the ‘OSCP’ (Offensive Security Certified Professional) and the very popular CEH (Certified Ethical Hacker from EC-Council) stand out. They involve more technical expertise and more hands-on experience. For example, the OSCP certification exam is conducted for a full 24 hours! (Yes, you read that right!)
OSCP certification:
- Candidates taking the grueling OSCP certification must first take the ‘Pen testing with Kali Linux’ online course before attempting the examination
- The cost of the course and the exam is $800, which includes 30 days of lab access
- “The OSCP examination consists of a virtual network containing targets of varying configurations and operating systems”
- The candidate is expected to research the network, find vulnerabilities and execute attacks.
- Successful OSCP holders can conduct remote and client-side attacks, deploy tunneling attacks to bypass firewalls and more!
More information about OSCP certification can be found here
Which type of security are you more aligned to? Defensive or Offensive? Does it fascinate you?