πΊοΈ IT DOMAIN HIERARCHY β Dari Big Picture Sampai Task Spesifik
Filosofi: Sebelum coding, pahami dulu di mana posisi Anda di peta besar. Ini adalah GPS untuk karir dan project IT/Cybersecurity.
Level 0: INFORMATION TECHNOLOGY (Root)
INFORMATION TECHNOLOGY (IT)
β
βββ 1. SOFTWARE DEVELOPMENT
β βββ Web Development
β βββ Mobile Development
β βββ Desktop Development
β βββ Game Development
β βββ Embedded Systems
β βββ DevOps / SRE
β
βββ 2. INFRASTRUCTURE & NETWORKING
β βββ Network Engineering
β βββ System Administration
β βββ Cloud Computing
β βββ Database Administration
β βββ Virtualization
β
βββ 3. DATA & ANALYTICS
β βββ Data Science
β βββ Data Engineering
β βββ Business Intelligence
β βββ Machine Learning / AI
β
βββ 4. CYBERSECURITY β (Fokus Kita)
β βββ Offensive Security (Red Team)
β βββ Defensive Security (Blue Team)
β βββ Security Operations (SOC)
β βββ Governance, Risk & Compliance (GRC)
β βββ Security Architecture
β
βββ 5. IT MANAGEMENT
β βββ IT Project Management
β βββ IT Service Management (ITIL)
β βββ Enterprise Architecture
β
βββ 6. EMERGING TECH
βββ Blockchain
βββ IoT (Internet of Things)
βββ Quantum Computing
βββ Extended Reality (AR/VR/MR)
Level 1: CYBERSECURITY β 5 Pilar Utama
CYBERSECURITY
β
ββ 1.1 OFFENSIVE SECURITY (Red Team) β "Break things to fix them"
β βββ Penetration Testing
β βββ Vulnerability Assessment
β βββ Red Team Operations
β βββ Social Engineering
β βββ Physical Security Testing
β βββ Exploit Development
β
ββ 1.2 DEFENSIVE SECURITY (Blue Team) β "Protect and detect"
β βββ Endpoint Security (EDR/XDR)
β βββ Network Security (Firewall/IDS/IPS)
β βββ Application Security (WAF/AppSec)
β βββ Data Security (DLP/Encryption)
β βββ Identity & Access Management (IAM)
β βββ Cloud Security (CASB/CSPM)
β
ββ 1.3 SECURITY OPERATIONS (SOC) β "Monitor and respond"
β βββ Security Monitoring (SIEM)
β βββ Incident Response (IR)
β βββ Threat Hunting
β βββ Threat Intelligence (CTI)
β βββ Digital Forensics
β βββ Security Automation (SOAR)
β
ββ 1.4 GOVERNANCE, RISK & COMPLIANCE (GRC) β "Policy and audit"
β βββ Security Governance
β βββ Risk Management
β βββ Compliance (ISO 27001, SOC 2, PCI-DSS)
β βββ Security Awareness Training
β βββ Third-Party Risk Management
β
ββ 1.5 SECURITY ARCHITECTURE β "Design secure systems"
βββ Security Architecture Design
βββ Zero Trust Architecture
βββ Secure Network Design
βββ Secure Software Development (SDLC)
βββ Cryptography Implementation
Level 2: BLUE TEAM β Sub-Domain Detail
BLUE TEAM (Defensive Security)
β
ββ 2.1 ENDPOINT SECURITY
β βββ EDR (Endpoint Detection & Response)
β β βββ Real-time process monitoring
β β βββ Behavioral analysis
β β βββ Memory scanning
β β βββ Automated response
β β
β βββ Antivirus / Anti-Malware
β β βββ Signature-based detection
β β βββ Heuristic analysis
β β βββ Sandboxing
β β
β βββ Host Firewall
β β βββ Inbound/outbound filtering
β β βββ Application control
β β βββ Port management
β β
β βββ Device Control
β βββ USB blocking
β βββ Peripheral management
β βββ BYOD policy
β
ββ 2.2 NETWORK SECURITY
β βββ Firewall
β β βββ Packet filter (Layer 3/4)
β β βββ Stateful inspection
β β βββ Application layer (Layer 7 / WAF)
β β βββ Next-Gen Firewall (NGFW)
β β
β βββ IDS/IPS
β β βββ Signature-based (Snort/Suricata)
β β βββ Anomaly-based
β β βββ Protocol analysis
β β
β βββ VPN
β β βββ Site-to-site
β β βββ Remote access
β β βββ Zero Trust Network Access
β β
β βββ Network Segmentation
β β βββ VLAN
β β βββ Micro-segmentation
β β βββ DMZ design
β β
β βββ DDoS Protection
β βββ Rate limiting
β βββ SYN cookie
β βββ Scrubbing center
β βββ CDN-based protection
β
ββ 2.3 APPLICATION SECURITY
β βββ WAF (Web Application Firewall)
β β βββ SQL Injection protection
β β βββ XSS protection
β β βββ CSRF protection
β β βββ Bot detection
β β βββ API security
β β
β βββ SAST (Static Analysis)
β β βββ Source code scanning
β β βββ Dependency check
β β βββ Secret detection
β β
β βββ DAST (Dynamic Analysis)
β β βββ Web app scanning
β β βββ API testing
β β βββ Fuzzing
β β
β βββ RASP (Runtime Protection)
β βββ In-app monitoring
β βββ Behavior blocking
β βββ Virtual patching
β
ββ 2.4 DATA SECURITY
β βββ Encryption
β β βββ At-rest (disk/database)
β β βββ In-transit (TLS/mTLS)
β β βββ In-use (confidential computing)
β β
β βββ DLP (Data Loss Prevention)
β β βββ Endpoint DLP
β β βββ Network DLP
β β βββ Cloud DLP
β β
β βββ Key Management
β β βββ HSM (Hardware Security Module)
β β βββ KMS (Key Management Service)
β β βββ PKI infrastructure
β β
β βββ Backup & Recovery
β βββ Immutable backup
β βββ Air-gapped backup
β βββ Ransomware recovery
β
ββ 2.5 IDENTITY & ACCESS MANAGEMENT
βββ Authentication
β βββ Password policy
β βββ MFA (Multi-Factor Auth)
β βββ Biometric
β βββ Passwordless (FIDO2/WebAuthn)
β
βββ Authorization
β βββ RBAC (Role-Based)
β βββ ABAC (Attribute-Based)
β βββ PBAC (Policy-Based)
β
βββ SSO (Single Sign-On)
β βββ SAML
β βββ OAuth 2.0 / OIDC
β βββ Kerberos
β
βββ PAM (Privileged Access Management)
βββ Privileged account vault
βββ Session recording
βββ Just-in-Time access
Level 3: SOC β Sub-Domain Detail
SOC (Security Operations Center)
β
ββ 3.1 SECURITY MONITORING
β βββ SIEM (Security Information & Event Management)
β β βββ Log aggregation (syslog, Windows Event, cloud)
β β βββ Correlation rules
β β βββ Alert generation
β β βββ Dashboard & reporting
β β βββ MITRE ATT&CK mapping
β β
β βββ Log Management
β β βββ Centralized logging
β β βββ Log retention policy
β β βββ Log parsing/normalization
β β βββ Log integrity verification
β β
β βββ UEBA (User & Entity Behavior Analytics)
β βββ Baseline establishment
β βββ Anomaly detection
β βββ Insider threat detection
β βββ Account compromise detection
β
ββ 3.2 INCIDENT RESPONSE
β βββ Preparation
β β βββ IR plan & playbook
β β βββ Contact list & escalation
β β βββ Tool readiness
β β
β βββ Detection & Analysis
β β βββ Alert triage
β β βββ Scope assessment
β β βββ Evidence collection
β β βββ Root cause analysis
β β
β βββ Containment
β β βββ Short-term (isolate)
β β βββ Long-term (segment)
β β βββ Evidence preservation
β β
β βββ Eradication
β β βββ Malware removal
β β βββ Account cleanup
β β βββ Vulnerability patching
β β
β βββ Recovery
β β βββ System restoration
β β βββ Service validation
β β βββ Monitoring enhancement
β β
β βββ Post-Incident
β βββ Lessons learned
β βββ Report documentation
β βββ Process improvement
β
ββ 3.3 THREAT HUNTING
β βββ Hypothesis-driven
β β βββ MITRE ATT&CK technique
β β βββ Threat intel indicator
β β βββ Behavioral anomaly
β β
β βββ IOC-based
β β βββ Known bad IP/domain/hash
β β βββ Threat intel feed
β β βββ Historical correlation
β β
β βββ TTP-based
β βββ Lateral movement pattern
β βββ Persistence mechanism
β βββ Data staging behavior
β
ββ 3.4 THREAT INTELLIGENCE (CTI)
β βββ Strategic Intel
β β βββ Threat actor profiling
β β βββ Geopolitical analysis
β β βββ Industry-specific threats
β β
β βββ Tactical Intel
β β βββ MITRE ATT&CK mapping
β β βββ TTP documentation
β β βββ Campaign tracking
β β
β βββ Operational Intel
β β βββ IOC management
β β βββ Feed curation
β β βββ Detection rule creation
β β
β βββ Technical Intel
β βββ Malware analysis
β βββ Vulnerability research
β βββ Exploit analysis
β
ββ 3.5 SECURITY AUTOMATION (SOAR)
βββ Playbook Automation
β βββ Alert enrichment
β βββ Ticket creation
β βββ Notification dispatch
β βββ Containment action
β
βββ Orchestration
β βββ Multi-tool integration
β βββ API chaining
β βββ Workflow engine
β
βββ Case Management
βββ Incident tracking
βββ Evidence management
βββ Reporting automation
Level 4: Career Path Mapping
KARIR CYBERSECURITY
ENTRY LEVEL (0-2 tahun)
βββ SOC Tier 1 Analyst
β βββ Skill: Alert triage, basic investigation
β
βββ Junior Security Engineer
β βββ Skill: Tool deployment, basic config
β
βββ IT Support β Security transition
βββ Skill: System admin, networking
MID LEVEL (2-5 tahun)
βββ SOC Tier 2 Analyst / Incident Responder
β βββ Skill: Deep investigation, containment
β
βββ Security Engineer
β βββ Skill: Tool development, automation
β
βββ Threat Hunter
β βββ Skill: Proactive detection, hypothesis
β
βββ Detection Engineer
βββ Skill: SIEM rules, detection logic
SENIOR LEVEL (5+ tahun)
βββ Security Architect
β βββ Skill: Design defense architecture
β
βββ Red Team Operator
β βββ Skill: Attack simulation, evasion
β
βββ Security Researcher
β βββ Skill: Vulnerability research, exploit dev
β
βββ CISO / Security Manager
βββ Skill: Strategy, governance, leadership
Level 5: Tech Stack per Domain
BAGIAN MANA YANG COCOK DENGAN SKILL ANDA?
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β ANDA SUKA... β COBA DOMAIN... β BAHASA β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Low-level, kernel β Endpoint Security β C/C++ β
β Memory safety β Modern EDR β Rust β
β Network packet β Network Security β C/Rust β
β Web app hacking β AppSec / WAF β Go/Rustβ
β Log analysis β SOC / SIEM β Python β
β Automation β SOAR / DevSecOps β Python β
β Data / ML β Threat Intel / UEBA β Python β
β Cloud infrastructure β Cloud Security β Go/Terraformβ
β Policy / audit β GRC β Excel/GRC toolsβ
β Social engineering β Red Team / Pentest β Python/Bashβ
β Reverse engineering β Malware Analysis β C/ASM/Pythonβ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Level 6: Decision Tree β βSaya Mau Fokus ke Mana?β
START: Anda di IT, tertarik dengan Cybersecurity
β
ββ Apakah Anda suka coding? βββ
β β
β YA β TIDAK
β β β β
β βΌ β βΌ
β ββββββββββββββββ β ββββββββββββββββ
β β Technical β β β Non-Technicalβ
β β Track β β β Track β
β ββββββββ¬ββββββββ β ββββββββ¬ββββββββ
β β β β
β βΌ β βΌ
β Apakah suka "break" β Apakah suka policy?β
β atau "defend"? β β
β β β
β ββββββββββ ββββββββββ β YA β
β β BREAK β β DEFEND β β β β
β β (Attack)β β(Protect)β β βΌ β
β βββββ¬βββββ βββββ¬βββββ β ββββββββββββββββ β
β β β β β GRC / Complianceβ β
β βΌ βΌ β β β’ ISO 27001 β β
β ββββββββββ ββββββββββ β β β’ SOC 2 β β
β βRed Teamβ βBlue Teamβ β β β’ Risk Assess β β
β βPentest β βSOC/EDR β β β β’ Audit β β
β βExploit β βWAF/Firewallβ β ββββββββββββββββ β
β βDev β βSIEM β β β
β ββββββββββ ββββββββββ β TIDAK β
β β β β
β β βΌ β
β β ββββββββββββββββ β
β β β Security Ops β β
β β β Management β β
β β β β’ SOC Manager β β
β β β β’ CISO path β β
β β ββββββββββββββββ β
β β β
βββββββββββββββββββββββββββββββββ΄ββββββββββββββββββββββ
π― Kesimpulan: Peta Lengkap
IT (Root)
βββ Cybersecurity
βββ Offensive (Red Team)
βββ Defensive (Blue Team)
β βββ Endpoint Security
β βββ Network Security
β βββ Application Security
β βββ Data Security
β βββ Identity & Access
βββ SOC Operations
β βββ SIEM
β βββ Incident Response
β βββ Threat Hunting
β βββ Threat Intel
βββ GRC
βββ Security Architecture
π Action Items untuk Belajar & Berkarir
| # | Action | Timeline | Domain |
|---|---|---|---|
| 1 | Bangun project portofolio pertamamu | 3 bulan | Hands-on Practice |
| 2 | Tulis blog teknis tentang apa yang dipelajari | Rutin | Technical Writing |
| 3 | Berkontribusi di project open source security | Paralel | Community |
| 4 | Pelajari script automation (Python/Bash) | Menengah | Automation |
| 5 | Ambil sertifikasi dasar (e.g., CompTIA Security+) | Tahap Awal | Certification |
| 6 | Ambil sertifikasi spesialisasi (e.g., Linux/Cloud/Pentest) | Tahap Lanjut | Specialization |
| 7 | Mulai melamar sebagai Junior Security Engineer / SOC Analyst | Setelah siap | Career |
| 8 | Tingkatkan skill & bangun project lebih kompleks | Berkelanjutan | Growth |
Document Version: 1.0
Last Updated: 2026-06-16
Purpose: Domain mapping untuk project dan karir cybersecurity