It was not that long ago that attempting to build your own IT lab to create a test environment would be an expensive endeavor. Besides the hardware, a set of software security tools could set a person back significantly.
Now, Kali Linux, for example, has hundreds of open-source penetration-testing programs and is completely free. In the past, this set of software could cost more than $250,000 if purchased separately as commercial tools.
In Build Your Own Cybersecurity Testing Lab: Low-cost Solutions for Testing in Virtual and Cloud-based Environments (McGraw Hill), author Ric Messier has written a practical, hands-on guide on how you can create your own security testing lab without needing to take out a second mortgage on your house.
In the book, Messier does the IT equivalent of the proverb “Give a man a fish, and you feed him for a day. Teach a man to fish, and you feed him for a lifetime.” And here he shows the reader how to build his own security-testing lab. The focus is on affordable technologies—using cloud computing—as not requiring you to buy often expensive hardware.
After a detailed introduction to network design and operating systems, the second half of the book details how to create a cloud-based environment. This is particularly valuable given the hypergrowth of cloud computing, combined with the dearth of those with significant cloud and cloud security experience.
Messier has separate chapters for Amazon Web Services, Microsoft Azure, and Google Cloud Engine, which go into the unique configurations for each of them, and how to use their core components.
It is ironic that with a $50 list price, the book may be the most expensive part of your security lab. But the information in the book is certainly worth it, as it shows the reader a way to build an actual lab that can give them valuable experience, which can in turn make them much more sought-after on the job market.
Build Your Own Cybersecurity Testing Lab should be considered an investment in one’s security expertise and growth. And is an excellent investment at that.