quarta-feira, 27 de março de 2019
Fala galera beleza?
Um tempo atrás eu havia postado sobre as certificações Meraki (Post Meraki) e como realizar os treinamentos além de fazer as provas, esse mês a Cisco/Meraki anunciou que está reformulando as suas certificações da plataforma:
- A Certificação ECMS 1 (Engineering Cisco Meraki Solutions 1) seria equivalente a CMNO que é a certificação inicial Meraki, ela é composta por um treinamento de um dia (conteúdo teórico, prático e exame no final do curso), o conteúdo continua o mesmo, porém as novas atualizações serão lançadas nesse novo modelo de treinamento.
Os próximos cursos ainda não estão disponiveis mas são separados por América no Norte, Europa, Asia e America Latina:
- A certificação ECMS 2 (Engineering Cisco Meraki Solutions 2) é a certificação equivalente ao CMNA que era realizado presencialmente, é um treinamento de 3 dias corridos para profissionais Cisco, parceiros e clientes que utilizam as ferramentas Meraki, o treinamento foca no planejamento, design, arquitetura, alta disponibilidade e também um pouco da operação dos equipamentos.
Os treinamentos de 3 dias são realizados nos centros Cisco Meraki, porém existe um calendário de cursos realizados aqui na própria Cisco do Brasil e em alguns locais especificos (capitais em geral), conversem com os seus parceiros que vendem equipamentos Meraki para tentar uma vaga.
- O nível especialista das soluções Meraki é o Cisco Meraki Solutions Specialist, ainda está em desenvolvimento, mas será um treinamento realizado na sede Meraki cobrinto todos os equipamentos e tecnologias Meraki:
sábado, 23 de março de 2019
A VMware está disponibilizando um lab hands-on da sua nova versão do vSphere 6.7 totalmente online que permite a galera testar as novas funções da plataforma bastando apenas ter um usuário e senha validos para começar a utilizar a plataforma totalmente online:
Além dessa novidade, a VMware está trazendo uma serie de outros laboratórios online no mesmo formato (não precisa instalar nada):
Cada um tem a sua duração aproximada de 30 minutos, é uma ótima oportunidade para quem está aprendendo um pouco sobre os ambientes virtuais da VMware.
sexta-feira, 22 de março de 2019
Como de costume, a Global Knowledge realizou uma pesquisa das certificações que mais pagam no mercado americano, dessa vez o top da lista é a certificação de arquiteto em cloud da Google, mas alguns pontos interessantes podem ser observados na lista, um deles é o crescimento das certificações de Cloud (2 em 2018 e agora são 4), 5 certificações de security e cybersecurity, 2 de projetos, 2 de network e alguns vendors com algumas certs (AWS, CompTia e ISACA) com 2 certificações cada:
1. Google Certified Professional Cloud Architect
Debuting in 2017, this certification allows IT professionals to certify as a cloud architect on the GCP platform. It demonstrates the ability to design, develop and manage a secure, scalable and reliable cloud architecture using Google Cloud Platform (GCP) technologies.
This is the first year GCP Cloud Architect cracks our list of highest-paying certifications. Cloud skills are critical for almost every organization. In general, cloud jobs pay over $100,000 a year in the U.S. and decision-makers are still struggling to fill all cloud job vacancies. That’s just a couple reasons why GCP made a big splash in its debut.
Path to certification: The certification exam is geared toward an architect that must understand what solution works best for a given scenario. There are no questions dedicated to specific usage of the product. It must be taken in-person at a Kryterion testing center location.
2. Project Management Professional (PMP®)
PMP was created and is administered by the Project Management Institute (PMI®) and is the most important industry-recognized certification for project managers. It provides employers and customers with a level of assurance that a project manager has both the experience and knowledge to effectively define, plan and deliver their projects. The PMP credential is often the key differentiator in decisions about who to hire or entrust with important organizational project initiatives.
Path to certification: PMP certification is reliant on two factors: project management experience and exam success. To become certified, individuals must have 35 hours of PMP-related training. In addition, those who have less than a bachelor’s degree must have 7,500 hours of project management experience, while those who have a bachelor’s degree or higher need 4,500 hours. To become certified, you need to apply at the PMI website, and then once your application is approved, you can sign up for the actual exam via Prometric.
To maintain PMP certification, 60 professional development units (PDUs, similar to the CPEs in other certifications) are required every three years.
3. Certified ScrumMaster®
Achieving a Certified ScrumMaster certificate validates that you understand the Agile Scrum methodology and are well-versed in putting scrum into practice. A Certified ScrumMaster leads a team and helps them work together to learn the Scrum framework and perform at their highest level. The ScrumMaster also removes internal and external distractions that might hinder meeting the goals. Attaining this certification gives you a two-year membership to the Scrum Alliance.
Certified ScrumMaster was eighth on last year’s top-paying certification list.
Path to certification: The Certified ScrumMaster certification is created and managed by the Scrum Alliance and requires the individual to attend the two-day Certified ScrumMaster® Workshop course. After successfully completing this course you will need to pass the exam. The certification is valid for two years from the original certification date. In order to renew your certification you will need to obtain 40 Scrum Education Units (SEUs) within each two-year period.
4. AWS Certified Solutions Architect – Associate
The AWS Certified Solutions Architect Associate-level exam demonstrates an individual’s expertise in designing and deploying scalable systems on AWS. It’s unsurprising to see this certification again in our top five due to the market need for skilled and certified AWS solutions architects. This certification has been here for several years, showing how much demand there is year after year due to the growth in the cloud.
This is the prerequisite step to achieving the AWS Certified Solutions Architect – Professional certification.
Path to certification: To get certified, you need to have hands-on experience with AWS (they suggest six months or more). The exam is computer-based and offered at PSI testing centers. The AWS Certified Solutions Architect – Associate certification exam addresses a range of topics, including designing on AWS, selecting the appropriate AWS services for a given situation, ingress and egress of data to and from the AWS environment, estimating AWS costs, and identifying cost-control measures.
5. AWS Certified Developer – Associate
This certification cracks our top five for the second straight year. It validates technical expertise in developing and maintaining applications on AWS, as opposed to designing the solution with the Solutions Architect certification. Achieving the AWS Certified Developer certification demonstrates the ability to efficiently use AWS SDKs to interact with services from within applications and write code that optimizes AWS application performance.
The explosion in popularity of the AWS Certified Developer certification is directly correlated with the rapid growth of organizations developing cloud-based applications to quickly advance their footprint and remain competitive. This also is related to the explosive growth in IoT (Internet of Things) and mobile development, much of which is backed by resources in the cloud.
Path to certification: To get certified, you need to have hands-on experience with one or more programming languages as well as AWS (they suggest six months or more). The exam is computer-based and offered at PSI testing centers, like all AWS exams. The AWS Certified Developer – Associate certification exam addresses a range of topics, including using SDKs to interact with AWS services, selecting the appropriate AWS services for a given situation, creating code that optimizes performance of the AWS services used in an application, and coding security for access to AWS services.
6. Microsoft Certified Solutions Expert (MCSE): Server Infrastructure
This certification was retired in 2017, but if previously earned it will remain on your transcript. It was replaced by the MCSE: Cloud Platform and Infrastructure certification. At the end of 2018, Microsoft began their tectonic shift away from technology-centric certifications to role-based certifications. As a result, MSCE: Cloud Platform and Infrastructure was retired and split into four different certifications, three that focus on the Azure Administrator, Developer and Solutions Architect roles, and the MSCE: Core Infrastructure, which is closer aligned to the on-premises focus of MSCE: Server Infrastructure.
Microsoft jumped into the cloud certification game with both feet. The exponential increase in demand for skilled cloud specialists, coupled with a multi-cloud strategy employed by most businesses, has helped the new Azure role-based certifications hit the market with an exceptionally high demand. Our own training enrollment data suggests that the Azure Administrator Associate is currently the most sought after of the new role-based certifications.
Path to certification: While there are now more options for those that once coveted the MCSE: Server Infrastructure, those options are now more clearly defined. Your company’s workload management strategy—and in the case of a cloud-centric strategy, your role—will determine which of the new certifications you will pursue. An on-premises strategy lends itself to the new MCSE: Core Infrastructure, while a cloud strategy will defer to your role—cloud administrator, cloud developer/engineer, or cloud solutions architect with more roles being added in the future.
7. ITIL® Foundation
Over the last 30 years, ITIL has become the most widely used framework for IT management in the world. Why? It’s a set of best practices for aligning the services IT provides with the needs of the organization. It covers everything from availability and capacity management to change and incident management, in addition to application and IT operations management.
And this year, ITIL is getting an upgrade. ITIL 4 was released earlier this year and reflects new ways of working that have accompanied the digital revolution, such as DevOps, Agile and Lean IT.
ITIL Foundation is the entry-level ITIL certification and provides a broad-based understanding of the IT service lifecycle.
This certification is accepted as a framework for managing the IT lifecycle. As such, it is different from the other certifications on this list and is one of the few that focuses on the intersection of IT and the needs of the business.
8. Certified Information Security Manager (CISM)
ISACA created and maintains the CISM certification. It is a management-focused certification, aimed at professionals who build and manage an enterprise’s information security. CISM promotes international security best practices.
Path to certification: The exam is offered during the designated testing windows each year and is computer-based. Registration is via the ISACA website, as well as an exam locator.
It also requires at least five years of experience in IS, with at least three of those as a security manager. Your experience must be within 10 years of taking the exam or five years after passing it. There are some alternatives to the experience requirement for this certification. Continuing education credits are required each year to maintain your certification.
9. Certified in Risk and Information Systems Control (CRISC)
ISACA offers and manages this certification. When it comes to risk management proficiency, CRISC is the truest evaluation there is. CRISC-certified professionals help organizations understand business risk, and possess the skills to implement, develop and maintain information systems controls.
Path to certification: To obtain CRISC certification, you must have at least three years of experience in at least two of the four domains the certification covers, and you must pass the exam; the experience must be within the preceding 10 years or no more than five years after passing the exam. The exam is only offered during designated testing windows each year and is computer-based. Registration is via the ISACA website; use the CBT locator to find a testing site.
In addition, Continuing Professional Education (CPE) credits are required each year to maintain your certification. Achieving CRISC certification requires ongoing effort and years of planning, but it has been a top certification for years and with the growth of cloud computing, it will stay in high demand for years to come.
10. Certified Information Systems Security Professional (CISSP)
Offered by the International Information Systems Security Certification Consortium (ISC)² as a vendor-neutral credential, CISSP is designed to prove security expertise. As with the other security-related certifications, demand is high and is projected to be so for many years to come.
CISSP is a widely desired indicator of knowledge, experience and excellence on the resume of many IT professionals. CISSP is not just a recommendation by industry groups—it has achieved its respected position as an important IT certification through practical observation. The drive to achieve this notable certification is evidenced in its appearance on a significant number of job postings. Performing a job search in any moderate or larger metropolitan area reveals that an astounding number of IT and security positions request that the applicant be CISSP-certified.
Path to certification: The exam is offered at Pearson Vue Testing centers. CISSP candidates must have at least five years of full-time, paid experience in at least two of the eight CISSP domains. If you don’t have the work experience, you can still earn an (ISC)² Associate designation by passing the exam while working toward the full certification. You will have up to six years to complete the required experience.
The exam is based around eight areas in computer security, including security and risk management, communications and network security, software development security, asset security, security architecture and engineering, identity and access management, security assessment and testing, and security operations. To remain certified, CISSPs must earn Continuous Professional Education (CPE) credits every year.
11. Certified Ethical Hacker (CEH)
The International Council of E-Commerce Consultants (EC-Council) created and manages the CEH certification, which is aimed at security officers and auditors, site administrators, and others responsible for network and data security. The exam is designed to test a candidate’s abilities to prod for holes, weaknesses and vulnerabilities in a company’s network defenses using techniques and methods that hackers employ. The difference between a hacker and a CEH is that a hacker wants to cause damage, steal information, etc., while the CEH wants to fix the deficiencies found.
The goal of this certification is to master ethical hacking methodology that can be used in penetration testing. These skills are in-demand and internationally-recognized.
CEH applies equally to on-premises and cloud deployments. Given the many attacks and great volume of personal data at risk and the potential legal liabilities, the need for CEHs is high, hence the salaries reported.
The CEH certification is continually being updated to match the tools and techniques used by hackers and information security professionals alike to break into any computer system. You will be immersed into a “Hacker Mindset” in order to think like a hacker and better defend against future attacks.
Path to certification: Passing the CEH exam is the only step needed to certification. Exam topics include general background knowledge, analysis and assessment, security (in many forms), tools/systems/programs used, procedures and methodology, regulation and policy, and ethics.
The CEH certification is valid for three years and can be renewed by earning 120 continuing education credits within the three-year period. The credits can be earned in many ways, including attending conferences, writing papers and attending webinars. Visit EC-Council for more details.
12. Citrix Certified Associate - Virtualization (CCA-V)
The CCA-V certification covers the basics of managing, maintaining, monitoring and troubleshooting. It is designed for desktop and application administrators and the technical support staff that support those users and is an entry-level certification for Citrix. Note that like most certifications, upgrading to the Citrix Certified Professional – Virtualization (CCP-V) certification increases the average salary and is a good idea to progress in your career as well.
While the number of Citrix-certified individuals is elusive, demand is fairly high and supply low to command a premium salary. It is also a prerequisite for the CCP-V.
Path to certification: This is an entry-level certification, so the only requirement is hands-on experience and passing the exam.
13. CompTIA Security+
CompTIA Security+ is an intermediate-level exam, focusing on a wide array of foundational security topics, including data, application, host, network, physical and operational security. You are expected to understand encryption, access control, hardening and secure software development, among other things. Many organizations consider Security+ to be the minimum level of certification to validate the baseline skills you need to perform core security functions.
Path to certification: CompTIA’s exams are designed to test professionals, ensuring they have the skill set necessary to work in the IT industry. So don’t expect that you can just skate through these exams. You have to prepare. While on-the-job experience is an excellent start, the average IT job doesn’t provide all of the requisite information needed to cover all of the certification exam objectives. Ideal candidates for the Security+ exam have at least two years of experience in IT administration with a focus on security, and day-to-day technical information security experience. A CompTIA Network+ certification is also recommended.
14. CompTIA Network+
CompTIA Network+ focuses on entry-level networking, including networking help desk technicians, infrastructure installers and junior network technicians. This exam covers the installation, maintenance and troubleshooting of networks, including Ethernet and Wireless. You are also tested on various protocols for both the LAN and WAN, and on the importance of network security. Passing this exam proves that you have foundational knowledge related to network infrastructure and network protocols. Network+ can be a stepping stone for vendor-specific certifications, such as Cisco CCNA.
Path to certification: CompTIA’s exams are designed to test professionals, ensuring they have the skill set necessary to work in the IT industry. So don’t expect that you can just skate through these exams. You have to prepare. While on-the-job experience is an excellent start, the average IT job doesn’t provide all of the requisite information needed to cover all of the certification exam objectives. For Network+, the CompTIA IT Fundamentals certification and CompTIA A+ certification are prerequisites.
15. Cisco Certified Networking Professional (CCNP) Routing and Switching
The Cisco CCNP Routing and Switching certification is an advanced certification that ensures network engineers and administrators have the skills to plan, implement, verify and troubleshoot local and wide area enterprise networks and can work collaboratively with specialists on advanced security, voice, wireless and video solutions. Students should have at least a year of networking experience and the ability to work independently on complex network solutions.
This certification has staying power and is always in demand. While other areas come and go, routing and switching is something that is required for almost all organizations, whether they keep their data locally or in the cloud.
Path to certification: Achieving CCNP certification requires that you have achieved CCNA Routing and Switching and that you pass three exams—one for routing, one for switching, and one for troubleshooting.
Eleven of these certifications were included in the 2018 top-paying certification list.
Five are in security, down from six last year.
Four are in cloud computing, up from two last year.
Two are in project management.
Two are in networking.
AWS, ISACA and CompTIA each have two certifications in the top 15.
Both CompTIA certifications are new to the list this year.
CISSP tops this list in terms of popularity, with 568 certification-holders. It was followed, in order, by ITIL, Security+, AWS Certified Solutions Architect and PMP.
Obs. Pessoal obviamente algumas certificações ficaram de fora devido a sua raridade no mercado (CCIEs, CCDE, OWASP, RHCE etc).
Obs. 2.- Muitos entrevistados possuem várias certificações tornando algumas certificações mais básicas com uma média mais alta (ITIL, Network+, Sec+ etc).
Obs.3 - Você pode seguir a evolução das certificações nos posts abaixo:
quarta-feira, 20 de março de 2019
A Microsoft lançou no final do último mês o learning path de DevOps incluindo a prova no nível de expert (Microsoft DevOps Engineer Expert ), não é a primeira tentativa da empresa em introduzir ao mercado uma certificação totalmente voltada para essa área, chegaram a lançar em 2018 alguns beta testes de provas, porém sofreram com algun problemas como a rápida evolução da área e das ferramentas utilizadas, o escopo do exame não foi bem dimensionado e as certificações antigas não preparavam o profissional de DevOps para o mercado de trabalho, levando em consideração, eles reformularam a track conforme imagem abaixo:
Além disso, as certificações irão focar nos temas abaixo:
- Azure DevOps (formerly VSTS and TFS)
- Version Control (focusing on Git but touching on TFVC)
- ARM (a fundamental automation concept when dealing with Azure automation)
- PowerShell (another fundamental concept that we want Azure people to be aware of even if they come from a Unix/Bash background)
Segue os treinamentos base para a certificação de expert:
Ainda é muito cedo para dizer se algum vendor irá consegui introduzir as suas certificações na área, sendo que conheço alguns profissionais de DevOps e nenhum deles se interessa por certificações, eles se preocupam mais com as ferramentas que vão utilizar.
segunda-feira, 11 de março de 2019
Fala galera tranquilo?
A Microsoft está trazendo um novos treinamentos chamados IoT School, ele se divide em alguns modulos (learning paths) que podem ser realizados de diversas formas:
Cada learning paths contam com alguns modulos que variam o tempo de estudos, vão de 30 minutos a algumas horas, além de contar com níveis de dificuldade variados.
Todos os temas são voltados para como utilizar equipamentos IoTs conectados nos produtos Microsoft, além de ajudar no desenvolvimento de novas ferramentas ou plataformas voltadas para esse mundo, segue algumas telas dos curso:
Se você tem curiosidade na área, se está trabalhando em algum projeto com IoT e precisa expandir um pouco o seu conhecimento, esse portal pode te ajudar e te dar um guia de como utilizar as melhores ferramentas, dicas de desenvolvimento, dicas de projetos em Internet of Things, vale a pena dar uma olhada.
sábado, 9 de março de 2019
Fala galera beleza?
A CompTIA traz duas novidades bacanas para quem curte cybersecurity e pen test, a primeira será um sorteio de 2 pacotes completos de treinamento para prova Pentest + (treinamento, voucher e retake para prova), para participar basta se cadastrar no link abaixo e liberar o seu acesso no Immersive Labs que vou explicar mais abaixo, o sorteio irá ocorrer dia 29 de março:
Link para inscrição:
A segunda novidade é o Immmersive Labs, são diversos laboratórios práticos para o profissional de pentest, segurança e network que vão do básico (exemplo portas TCP, funcionamento básico de SOs etc) até a utilzação de ferramentas avançadas e labs complexos (CTF, ferramentas do Kali, analise bínaria e mais):
Segue algumas telas dos labs e dos treinamentos:
Todos os labs são realizados via browser mesmo e não há necessidade de instalar nenhum programa, o único pré requisito é ter um inglês médio para entendimento do conteúdo.
Galera vale a pena brincar um pouco nos labs, são bem intuitivos e alguns são bem desafiadores.
sexta-feira, 8 de março de 2019
Fala galera beleza?
Mais uma edição da CryptoRave chegando, dessa vez o evento irá acontecer nos dias 3 e 4 de maio e conta com uma infraestrutura ainda mairo que do ano anterior, segue um pouco sobre o evento:
Inspirada no movimento internacional das CryptoParties, a CryptoRave é um esforço coletivo para difundir os conceitos fundamentais de privacidade e liberdade na Internet e ampliar a adoção de práticas e ferramentas de segurança digital (comunicação com criptografia, entre elas). Estamos nesta missão há seis anos, mas democratizar este conhecimento nunca foi tão importante.
A CryptoRave é uma festa/encontro/evento aberto e gratuito - o maior deste tipo no mundo -, onde hackers, ativistas, cypherpunks, estudantes, nerds, pessoas curiosas e interessadas em apropriar-se de práticas de segurança e de proteção de dados pessoais se encontram.
São 24 horas de conversas, debates, trocas e formação na área de segurança, privacidade e criptografia. A programação é toda feita a partir da inscrição de atividades sugeridas pela comunidade, com participação de grandes nomes da segurança, criptografia e privacidade global, pessoas trazidas com o apoio do financiamento coletivo.
Já estiveram na CryptoRave Jérémie Zimmermann, Peter Sunde, André Meister, James Bamford, Sasha Costanza-chock, Harry Halpin, Eva Galperin, Roy Singham, Micah Anderson, Hervé Falciani, Paulo Barreto, Diego Aranha, Nick Calyx, Anne Roth, Torsten Grote, Sergio Amadeu, David Miranda, entre outros/as.
Tradicionalmente, ao final dos debates e atividades, uma grande festa encerra o evento.
A edição deste ano (a sexta consecutiva!!) será nos dias 03 e 04 de maio, em São Paulo (o local será divulgado posteriormente). E sim, só tem CryptoRave se for coletado
A programação e o local do evento ainda não foram divulgados, porém como sempre teremos diversas palastras, oficinas e muito mais, para apoiar o evento basta acessar o link abaixo e realizar uma doação:
Link do evento:
Participem, vale a pena, 24 horas de muito hacktivismo, hacking, tecnologia e muito mais.