Planning 2022

Some thoughts and links about some of the things I’m thinking about for professional development and education for the year

leadership and comms

$dayjob leader has some ideas about courses and seminars

  • Do more writing/educating/presenting
    • apply to present (CFP)s
    • present & share (brown bags)
    • posts & articles, quick shares
  • more / better mentoring

furthering knowledge & skills

arguably need to pick one or two of areas like:

  • web & app sec / attack & defense
  • malware & code analysis
    • replay FOR610/GREM, take new FOR710 code analysis
    • CTFs and tutorials,OST2 courses
  • more better (fluffier?) DFIR
    • eg SANS new FOR509 (cloud) or FOR608 (enterprise) ?
    • AND Threat Hunting / ELK / Sigma courses
  • purple team / offensive ops
    • MAD Adversary Emulation certification
    • something other than OSCP
    • or even SEC699 (after replay SEC599/GDAT)
  • deceptions and adv cyber defence
    • Honeypots course (AND) or SANS
    • ACD / Antisyphon courses / labs / webinars

Also, need to reserve time/brainpower for continued understanding of cloud ops/SRE and numerous project/technology specific trainings or familiarisation runs.

Probably not this year

  • Python / data science , cryptography, ML
  • finally get good with awk(1)
  • KLCP (either :frowning_woman: )
  • Linux or Mac forensics deep-dive

Somewhat inspired by last year’s plan and the carry bits I’m trying to finish up now.

Written on January 18, 2022