Finally had a chance to get through the Kubernetes and Cloud Native Security Associate (KCSA) course and exam. Thanks snow!
Next up: Certified Kubernetes Application Developer (CKAD).
As expected, the KCSA went over standard security fundamentals of containers, Kubernetes, network protections, and trust boundaries, along with industry practices such as threat modeling, risk frameworks, and compliance. It’s still multiple-choice like the KCNA, but the questions were a notch deeper. I was caught off guard by a couple products in the microVM and sandboxing space that I hadn’t come across in preparing.
Discovery is a discipline. At Amazon, it was Learn and Be Curious. At Simmons, it’s no different. I try not to ignore or over index on what larger or wildly successful organizations do. Instead I want to build a discovery practice that exposes my team and I to many perspectives and then filters for our context.
When we approach technology decisions as one-time evaluations, we’re at the mercy of whoever is loudest at that moment. That’s usually vendors, “influencers”, or internal advocates with strong opinions. Rarely do we get a balanced view of alternatives, trade-offs, and lessons learned.
This was the event to attend if you’re in or around Arkansas and looking for motivated professionals coming into IT and cyber. We definitely needed more small and medium enterprises from our community represented. I was honored to help and to represent Central States Manufacturing, Inc. And while I don’t have an open role right now, I have a great pool of folks to stay in contact with, follow their journey, assist along the way, and hopefully hire when I do.
Reflecting on my 2020 goals. I’m proud of what I accomplished. I would’ve liked to accomplish more. Onward to 2021. Weight training goal. Not my gig. I discovered rucking and fell in love with hiking again. I’ll call that a win. Thanks for the perpetual headlock, David Walzer." CISSP completed in January with some motivation from Brian East." OSCE ended up retired. COVID changed all my plans. Went after the AWS SAA instead. When I most needed it, landed a gig with Amazon Web Services (AWS) " One CSRF bug reported for $200. Not sure I’m cut out for the bug bounty life. At least I got one.
Knocked out the new Amazon Web Services Solution Architect Associate (SAA-C02) exam this morning. 2nd CoronaCert done this month. Up next: AWS SA Professional"
For folks taking the new test, a little practice, reading some FAQs and whitepapers, and running through these resources is enough:
Course: Ultimate AWS Certified Solutions Architect Associate 2020 Practice Exams: AWS Certified Solutions Architect Associate Practice Exams
I often get asked to weigh in on the value of cert X or training/cert company Y.
IT and InfoSec are broad. Too many folks get siloed or disappoint themselves by not first selecting a reasonable goal and working backwards. We need to be purposeful about our studies and efforts by ensuring they align with our goals. Otherwise, we’re just wasting time.
If you’re interested in cybersecurity, check out this info-graphic. Find that swim-lane you’re after and go get it. https://pauljerimy.com/security-certification-roadmap/