Security Analysis is detective work – while other technical work pits you versus your knowledge of the technology, Security Analysis is one where you’re competing against an unknown and anonymous person’s knowledge of the technology. Detective work is full of false leads, dead ends, bad evidence, and unreliable witnesses – you’re going to learn to develop many of the same skills to deal with these.

Look for the Common Denominators.
Look for the Common Exceptions.

Make Assertions,
Not Assumptions.

Eliminate the Impossible.

Always Look for a Simpler Explanation.

Imagine Things from the Attacker’s Perspective. What Would You do in Their Position?

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.