Roadmap lengkap untuk menjadi Cybersecurity Engineer profesional. Pelajari network security, web security, ethical hacking, incident response, dan security operations untuk protect sistem dari ancaman.
Dasar-dasar yang wajib dikuasai sebelum masuk ke cybersecurity
OSI model, TCP/IP, DNS, HTTP/HTTPS, ports, protocols. Paham cara data flow di network
Linux fundamentals, shell scripting, file permissions, process management. Mayoritas security tools jalan di Linux
Python untuk scripting dan automation, JavaScript untuk web security, Bash untuk system tasks
Version control untuk security scripts, IaC, dan documentation
Security untuk web applications dan APIs
Injection, broken auth, XSS, CSRF, SSRF, insecure deserialization. Paham vulnerability paling umum
JWT security, OAuth 2.0 flows, session management, MFA, password hashing, token rotation
Rate limiting, input validation, CORS, API gateway security, OWASP API Top 10
Burp Suite, OWASP ZAP, Nikto untuk vulnerability scanning dan manual testing web apps
Protect network infrastructure dari serangan
iptables, UFW, cloud security groups, WAF (Web Application Firewall), network segmentation
Tailscale, WireGuard, OpenVPN, IPsec. Secure remote access dan site-to-site connectivity
Certificate management, Let's Encrypt, mutual TLS, certificate pinning, cipher suite selection
Intrusion Detection/Prevention Systems. Snort, Suricata, Fail2ban untuk detect dan block serangan
Penetration testing dan vulnerability assessment
Nmap, Masscan, Subfinder, Amass. Information gathering dan port/service scanning
Metasploit, searchsploit. Exploit vulnerabilities, privilege escalation, post-exploitation
Hashcat, John the Ripper, Hydra. Password auditing, hash identification, brute force defense
Burp Suite Pro, sqlmap, nuclei, ffuf. Toolkit untuk comprehensive pentest engagement
Detect, respond, dan recover dari security incidents
Splunk, Elastic SIEM, Wazuh, Graylog untuk centralized log analysis dan threat detection
IR lifecycle (prepare, detect, contain, eradicate, recover, lessons learned). Playbooks dan runbooks
MITRE ATT&CK framework, IOC (Indicators of Compromise), threat feeds, OSINT
Disk imaging, memory forensics (Volatility), timeline analysis, evidence preservation
Security untuk cloud dan containerized infrastructure
Docker image scanning (Trivy, Snyk), Kubernetes security, RBAC, pod security policies
IAM policies, security groups, cloud trail, GuardDuty, CIS benchmarks untuk cloud hardening
HashiCorp Vault, Doppler, cloud KMS. Secure storage, rotation, dan audit untuk credentials
Terraform scanning (tfsec, Checkov), misconfiguration detection, compliance-as-code
Standards, certifications, dan career path
ISO 27001, NIST Cybersecurity Framework, SOC 2, PCI DSS. Paham compliance requirements
CompTIA Security+, CEH, OSCP, CISSP. Pilih certification yang sesuai career direction
HackerOne, Bugcrowd. Legal ethical hacking untuk earn money dari finding vulnerabilities
Security training, phishing simulation, secure code review, security champion programs
Roadmap ini bakal nemenin kamu dari basic sampai jago jadi Cybersecurity Engineer. Pelajari tiap topik step by step, terus langsung praktik dengan bikin project.