πŸ—ΊοΈ IT DOMAIN HIERARCHY β€” Dari Big Picture Sampai Task Spesifik

Filosofi: Sebelum coding, pahami dulu di mana posisi Anda di peta besar. Ini adalah GPS untuk karir dan project IT/Cybersecurity.


Level 0: INFORMATION TECHNOLOGY (Root)

INFORMATION TECHNOLOGY (IT)
β”‚
β”œβ”€β”€ 1. SOFTWARE DEVELOPMENT
β”‚   β”œβ”€β”€ Web Development
β”‚   β”œβ”€β”€ Mobile Development
β”‚   β”œβ”€β”€ Desktop Development
β”‚   β”œβ”€β”€ Game Development
β”‚   β”œβ”€β”€ Embedded Systems
β”‚   └── DevOps / SRE
β”‚
β”œβ”€β”€ 2. INFRASTRUCTURE & NETWORKING
β”‚   β”œβ”€β”€ Network Engineering
β”‚   β”œβ”€β”€ System Administration
β”‚   β”œβ”€β”€ Cloud Computing
β”‚   β”œβ”€β”€ Database Administration
β”‚   └── Virtualization
β”‚
β”œβ”€β”€ 3. DATA & ANALYTICS
β”‚   β”œβ”€β”€ Data Science
β”‚   β”œβ”€β”€ Data Engineering
β”‚   β”œβ”€β”€ Business Intelligence
β”‚   └── Machine Learning / AI
β”‚
β”œβ”€β”€ 4. CYBERSECURITY ⭐ (Fokus Kita)
β”‚   β”œβ”€β”€ Offensive Security (Red Team)
β”‚   β”œβ”€β”€ Defensive Security (Blue Team)
β”‚   β”œβ”€β”€ Security Operations (SOC)
β”‚   β”œβ”€β”€ Governance, Risk & Compliance (GRC)
β”‚   └── Security Architecture
β”‚
β”œβ”€β”€ 5. IT MANAGEMENT
β”‚   β”œβ”€β”€ IT Project Management
β”‚   β”œβ”€β”€ IT Service Management (ITIL)
β”‚   └── Enterprise Architecture
β”‚
└── 6. EMERGING TECH
    β”œβ”€β”€ Blockchain
    β”œβ”€β”€ IoT (Internet of Things)
    β”œβ”€β”€ Quantum Computing
    └── Extended Reality (AR/VR/MR)

Level 1: CYBERSECURITY β€” 5 Pilar Utama

CYBERSECURITY
β”‚
β”œβ”€ 1.1 OFFENSIVE SECURITY (Red Team) β€” "Break things to fix them"
β”‚   β”œβ”€β”€ Penetration Testing
β”‚   β”œβ”€β”€ Vulnerability Assessment
β”‚   β”œβ”€β”€ Red Team Operations
β”‚   β”œβ”€β”€ Social Engineering
β”‚   β”œβ”€β”€ Physical Security Testing
β”‚   └── Exploit Development
β”‚
β”œβ”€ 1.2 DEFENSIVE SECURITY (Blue Team) β€” "Protect and detect"
β”‚   β”œβ”€β”€ Endpoint Security (EDR/XDR)
β”‚   β”œβ”€β”€ Network Security (Firewall/IDS/IPS)
β”‚   β”œβ”€β”€ Application Security (WAF/AppSec)
β”‚   β”œβ”€β”€ Data Security (DLP/Encryption)
β”‚   β”œβ”€β”€ Identity & Access Management (IAM)
β”‚   └── Cloud Security (CASB/CSPM)
β”‚
β”œβ”€ 1.3 SECURITY OPERATIONS (SOC) β€” "Monitor and respond"
β”‚   β”œβ”€β”€ Security Monitoring (SIEM)
β”‚   β”œβ”€β”€ Incident Response (IR)
β”‚   β”œβ”€β”€ Threat Hunting
β”‚   β”œβ”€β”€ Threat Intelligence (CTI)
β”‚   β”œβ”€β”€ Digital Forensics
β”‚   └── Security Automation (SOAR)
β”‚
β”œβ”€ 1.4 GOVERNANCE, RISK & COMPLIANCE (GRC) β€” "Policy and audit"
β”‚   β”œβ”€β”€ Security Governance
β”‚   β”œβ”€β”€ Risk Management
β”‚   β”œβ”€β”€ Compliance (ISO 27001, SOC 2, PCI-DSS)
β”‚   β”œβ”€β”€ Security Awareness Training
β”‚   └── Third-Party Risk Management
β”‚
└─ 1.5 SECURITY ARCHITECTURE β€” "Design secure systems"
    β”œβ”€β”€ Security Architecture Design
    β”œβ”€β”€ Zero Trust Architecture
    β”œβ”€β”€ Secure Network Design
    β”œβ”€β”€ Secure Software Development (SDLC)
    └── Cryptography Implementation

Level 2: BLUE TEAM β€” Sub-Domain Detail

BLUE TEAM (Defensive Security)
β”‚
β”œβ”€ 2.1 ENDPOINT SECURITY
β”‚   β”œβ”€β”€ EDR (Endpoint Detection & Response)
β”‚   β”‚   β”œβ”€β”€ Real-time process monitoring
β”‚   β”‚   β”œβ”€β”€ Behavioral analysis
β”‚   β”‚   β”œβ”€β”€ Memory scanning
β”‚   β”‚   └── Automated response
β”‚   β”‚
β”‚   β”œβ”€β”€ Antivirus / Anti-Malware
β”‚   β”‚   β”œβ”€β”€ Signature-based detection
β”‚   β”‚   β”œβ”€β”€ Heuristic analysis
β”‚   β”‚   └── Sandboxing
β”‚   β”‚
β”‚   β”œβ”€β”€ Host Firewall
β”‚   β”‚   β”œβ”€β”€ Inbound/outbound filtering
β”‚   β”‚   β”œβ”€β”€ Application control
β”‚   β”‚   └── Port management
β”‚   β”‚
β”‚   └── Device Control
β”‚       β”œβ”€β”€ USB blocking
β”‚       β”œβ”€β”€ Peripheral management
β”‚       └── BYOD policy
β”‚
β”œβ”€ 2.2 NETWORK SECURITY
β”‚   β”œβ”€β”€ Firewall
β”‚   β”‚   β”œβ”€β”€ Packet filter (Layer 3/4)
β”‚   β”‚   β”œβ”€β”€ Stateful inspection
β”‚   β”‚   β”œβ”€β”€ Application layer (Layer 7 / WAF)
β”‚   β”‚   └── Next-Gen Firewall (NGFW)
β”‚   β”‚
β”‚   β”œβ”€β”€ IDS/IPS
β”‚   β”‚   β”œβ”€β”€ Signature-based (Snort/Suricata)
β”‚   β”‚   β”œβ”€β”€ Anomaly-based
β”‚   β”‚   └── Protocol analysis
β”‚   β”‚
β”‚   β”œβ”€β”€ VPN
β”‚   β”‚   β”œβ”€β”€ Site-to-site
β”‚   β”‚   β”œβ”€β”€ Remote access
β”‚   β”‚   └── Zero Trust Network Access
β”‚   β”‚
β”‚   β”œβ”€β”€ Network Segmentation
β”‚   β”‚   β”œβ”€β”€ VLAN
β”‚   β”‚   β”œβ”€β”€ Micro-segmentation
β”‚   β”‚   └── DMZ design
β”‚   β”‚
β”‚   └── DDoS Protection
β”‚       β”œβ”€β”€ Rate limiting
β”‚       β”œβ”€β”€ SYN cookie
β”‚       β”œβ”€β”€ Scrubbing center
β”‚       └── CDN-based protection
β”‚
β”œβ”€ 2.3 APPLICATION SECURITY
β”‚   β”œβ”€β”€ WAF (Web Application Firewall)
β”‚   β”‚   β”œβ”€β”€ SQL Injection protection
β”‚   β”‚   β”œβ”€β”€ XSS protection
β”‚   β”‚   β”œβ”€β”€ CSRF protection
β”‚   β”‚   β”œβ”€β”€ Bot detection
β”‚   β”‚   └── API security
β”‚   β”‚
β”‚   β”œβ”€β”€ SAST (Static Analysis)
β”‚   β”‚   β”œβ”€β”€ Source code scanning
β”‚   β”‚   β”œβ”€β”€ Dependency check
β”‚   β”‚   └── Secret detection
β”‚   β”‚
β”‚   β”œβ”€β”€ DAST (Dynamic Analysis)
β”‚   β”‚   β”œβ”€β”€ Web app scanning
β”‚   β”‚   β”œβ”€β”€ API testing
β”‚   β”‚   └── Fuzzing
β”‚   β”‚
β”‚   └── RASP (Runtime Protection)
β”‚       β”œβ”€β”€ In-app monitoring
β”‚       β”œβ”€β”€ Behavior blocking
β”‚       └── Virtual patching
β”‚
β”œβ”€ 2.4 DATA SECURITY
β”‚   β”œβ”€β”€ Encryption
β”‚   β”‚   β”œβ”€β”€ At-rest (disk/database)
β”‚   β”‚   β”œβ”€β”€ In-transit (TLS/mTLS)
β”‚   β”‚   └── In-use (confidential computing)
β”‚   β”‚
β”‚   β”œβ”€β”€ DLP (Data Loss Prevention)
β”‚   β”‚   β”œβ”€β”€ Endpoint DLP
β”‚   β”‚   β”œβ”€β”€ Network DLP
β”‚   β”‚   └── Cloud DLP
β”‚   β”‚
β”‚   β”œβ”€β”€ Key Management
β”‚   β”‚   β”œβ”€β”€ HSM (Hardware Security Module)
β”‚   β”‚   β”œβ”€β”€ KMS (Key Management Service)
β”‚   β”‚   └── PKI infrastructure
β”‚   β”‚
β”‚   └── Backup & Recovery
β”‚       β”œβ”€β”€ Immutable backup
β”‚       β”œβ”€β”€ Air-gapped backup
β”‚       └── Ransomware recovery
β”‚
└─ 2.5 IDENTITY & ACCESS MANAGEMENT
    β”œβ”€β”€ Authentication
    β”‚   β”œβ”€β”€ Password policy
    β”‚   β”œβ”€β”€ MFA (Multi-Factor Auth)
    β”‚   β”œβ”€β”€ Biometric
    β”‚   └── Passwordless (FIDO2/WebAuthn)
    β”‚
    β”œβ”€β”€ Authorization
    β”‚   β”œβ”€β”€ RBAC (Role-Based)
    β”‚   β”œβ”€β”€ ABAC (Attribute-Based)
    β”‚   └── PBAC (Policy-Based)
    β”‚
    β”œβ”€β”€ SSO (Single Sign-On)
    β”‚   β”œβ”€β”€ SAML
    β”‚   β”œβ”€β”€ OAuth 2.0 / OIDC
    β”‚   └── Kerberos
    β”‚
    └── PAM (Privileged Access Management)
        β”œβ”€β”€ Privileged account vault
        β”œβ”€β”€ Session recording
        └── Just-in-Time access

Level 3: SOC β€” Sub-Domain Detail

SOC (Security Operations Center)
β”‚
β”œβ”€ 3.1 SECURITY MONITORING
β”‚   β”œβ”€β”€ SIEM (Security Information & Event Management)
β”‚   β”‚   β”œβ”€β”€ Log aggregation (syslog, Windows Event, cloud)
β”‚   β”‚   β”œβ”€β”€ Correlation rules
β”‚   β”‚   β”œβ”€β”€ Alert generation
β”‚   β”‚   β”œβ”€β”€ Dashboard & reporting
β”‚   β”‚   └── MITRE ATT&CK mapping
β”‚   β”‚
β”‚   β”œβ”€β”€ Log Management
β”‚   β”‚   β”œβ”€β”€ Centralized logging
β”‚   β”‚   β”œβ”€β”€ Log retention policy
β”‚   β”‚   β”œβ”€β”€ Log parsing/normalization
β”‚   β”‚   └── Log integrity verification
β”‚   β”‚
β”‚   └── UEBA (User & Entity Behavior Analytics)
β”‚       β”œβ”€β”€ Baseline establishment
β”‚       β”œβ”€β”€ Anomaly detection
β”‚       β”œβ”€β”€ Insider threat detection
β”‚       └── Account compromise detection
β”‚
β”œβ”€ 3.2 INCIDENT RESPONSE
β”‚   β”œβ”€β”€ Preparation
β”‚   β”‚   β”œβ”€β”€ IR plan & playbook
β”‚   β”‚   β”œβ”€β”€ Contact list & escalation
β”‚   β”‚   └── Tool readiness
β”‚   β”‚
β”‚   β”œβ”€β”€ Detection & Analysis
β”‚   β”‚   β”œβ”€β”€ Alert triage
β”‚   β”‚   β”œβ”€β”€ Scope assessment
β”‚   β”‚   β”œβ”€β”€ Evidence collection
β”‚   β”‚   └── Root cause analysis
β”‚   β”‚
β”‚   β”œβ”€β”€ Containment
β”‚   β”‚   β”œβ”€β”€ Short-term (isolate)
β”‚   β”‚   β”œβ”€β”€ Long-term (segment)
β”‚   β”‚   └── Evidence preservation
β”‚   β”‚
β”‚   β”œβ”€β”€ Eradication
β”‚   β”‚   β”œβ”€β”€ Malware removal
β”‚   β”‚   β”œβ”€β”€ Account cleanup
β”‚   β”‚   └── Vulnerability patching
β”‚   β”‚
β”‚   β”œβ”€β”€ Recovery
β”‚   β”‚   β”œβ”€β”€ System restoration
β”‚   β”‚   β”œβ”€β”€ Service validation
β”‚   β”‚   └── Monitoring enhancement
β”‚   β”‚
β”‚   └── Post-Incident
β”‚       β”œβ”€β”€ Lessons learned
β”‚       β”œβ”€β”€ Report documentation
β”‚       └── Process improvement
β”‚
β”œβ”€ 3.3 THREAT HUNTING
β”‚   β”œβ”€β”€ Hypothesis-driven
β”‚   β”‚   β”œβ”€β”€ MITRE ATT&CK technique
β”‚   β”‚   β”œβ”€β”€ Threat intel indicator
β”‚   β”‚   └── Behavioral anomaly
β”‚   β”‚
β”‚   β”œβ”€β”€ IOC-based
β”‚   β”‚   β”œβ”€β”€ Known bad IP/domain/hash
β”‚   β”‚   β”œβ”€β”€ Threat intel feed
β”‚   β”‚   └── Historical correlation
β”‚   β”‚
β”‚   └── TTP-based
β”‚       β”œβ”€β”€ Lateral movement pattern
β”‚       β”œβ”€β”€ Persistence mechanism
β”‚       └── Data staging behavior
β”‚
β”œβ”€ 3.4 THREAT INTELLIGENCE (CTI)
β”‚   β”œβ”€β”€ Strategic Intel
β”‚   β”‚   β”œβ”€β”€ Threat actor profiling
β”‚   β”‚   β”œβ”€β”€ Geopolitical analysis
β”‚   β”‚   └── Industry-specific threats
β”‚   β”‚
β”‚   β”œβ”€β”€ Tactical Intel
β”‚   β”‚   β”œβ”€β”€ MITRE ATT&CK mapping
β”‚   β”‚   β”œβ”€β”€ TTP documentation
β”‚   β”‚   └── Campaign tracking
β”‚   β”‚
β”‚   β”œβ”€β”€ Operational Intel
β”‚   β”‚   β”œβ”€β”€ IOC management
β”‚   β”‚   β”œβ”€β”€ Feed curation
β”‚   β”‚   └── Detection rule creation
β”‚   β”‚
β”‚   └── Technical Intel
β”‚       β”œβ”€β”€ Malware analysis
β”‚       β”œβ”€β”€ Vulnerability research
β”‚       └── Exploit analysis
β”‚
└─ 3.5 SECURITY AUTOMATION (SOAR)
    β”œβ”€β”€ Playbook Automation
    β”‚   β”œβ”€β”€ Alert enrichment
    β”‚   β”œβ”€β”€ Ticket creation
    β”‚   β”œβ”€β”€ Notification dispatch
    β”‚   └── Containment action
    β”‚
    β”œβ”€β”€ Orchestration
    β”‚   β”œβ”€β”€ Multi-tool integration
    β”‚   β”œβ”€β”€ API chaining
    β”‚   └── Workflow engine
    β”‚
    └── Case Management
        β”œβ”€β”€ Incident tracking
        β”œβ”€β”€ Evidence management
        └── Reporting automation

Level 4: Career Path Mapping

KARIR CYBERSECURITY

ENTRY LEVEL (0-2 tahun)
β”œβ”€β”€ SOC Tier 1 Analyst
β”‚   └── Skill: Alert triage, basic investigation
β”‚
β”œβ”€β”€ Junior Security Engineer
β”‚   └── Skill: Tool deployment, basic config
β”‚
└── IT Support β†’ Security transition
    └── Skill: System admin, networking

MID LEVEL (2-5 tahun)
β”œβ”€β”€ SOC Tier 2 Analyst / Incident Responder
β”‚   └── Skill: Deep investigation, containment
β”‚
β”œβ”€β”€ Security Engineer
β”‚   └── Skill: Tool development, automation
β”‚
β”œβ”€β”€ Threat Hunter
β”‚   └── Skill: Proactive detection, hypothesis
β”‚
└── Detection Engineer
    └── Skill: SIEM rules, detection logic

SENIOR LEVEL (5+ tahun)
β”œβ”€β”€ Security Architect
β”‚   └── Skill: Design defense architecture
β”‚
β”œβ”€β”€ Red Team Operator
β”‚   └── Skill: Attack simulation, evasion
β”‚
β”œβ”€β”€ Security Researcher
β”‚   └── Skill: Vulnerability research, exploit dev
β”‚
└── CISO / Security Manager
    └── Skill: Strategy, governance, leadership

Level 5: Tech Stack per Domain

BAGIAN MANA YANG COCOK DENGAN SKILL ANDA?

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  ANDA SUKA...          β†’  COBA DOMAIN...        β†’  BAHASA  β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€
β”‚  Low-level, kernel     β†’  Endpoint Security     β†’  C/C++  β”‚
β”‚  Memory safety         β†’  Modern EDR            β†’  Rust   β”‚
β”‚  Network packet        β†’  Network Security      β†’  C/Rust β”‚
β”‚  Web app hacking       β†’  AppSec / WAF          β†’  Go/Rustβ”‚
β”‚  Log analysis          β†’  SOC / SIEM            β†’  Python β”‚
β”‚  Automation            β†’  SOAR / DevSecOps     β†’  Python β”‚
β”‚  Data / ML             β†’  Threat Intel / UEBA   β†’  Python β”‚
β”‚  Cloud infrastructure  β†’  Cloud Security        β†’  Go/Terraformβ”‚
β”‚  Policy / audit        β†’  GRC                  β†’  Excel/GRC toolsβ”‚
β”‚  Social engineering    β†’  Red Team / Pentest    β†’  Python/Bashβ”‚
β”‚  Reverse engineering   β†’  Malware Analysis     β†’  C/ASM/Pythonβ”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Level 6: Decision Tree β€” β€œSaya Mau Fokus ke Mana?”

START: Anda di IT, tertarik dengan Cybersecurity
β”‚
β”œβ”€ Apakah Anda suka coding? ──┐
β”‚                             β”‚
β”‚         YA                  β”‚         TIDAK
β”‚         β”‚                   β”‚         β”‚
β”‚         β–Ό                   β”‚         β–Ό
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”           β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚  β”‚ Technical    β”‚           β”‚  β”‚ Non-Technicalβ”‚
β”‚  β”‚ Track          β”‚           β”‚  β”‚ Track        β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜           β”‚  β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”˜
β”‚         β”‚                   β”‚         β”‚
β”‚         β–Ό                   β”‚         β–Ό
β”‚  Apakah suka "break"        β”‚  Apakah suka policy?β”‚
β”‚  atau "defend"?             β”‚                     β”‚
β”‚                             β”‚                     β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”     β”‚  YA                 β”‚
β”‚  β”‚ BREAK  β”‚  β”‚ DEFEND β”‚     β”‚  β”‚                  β”‚
β”‚  β”‚ (Attack)β”‚  β”‚(Protect)β”‚    β”‚  β–Ό                  β”‚
β”‚  β””β”€β”€β”€β”¬β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”¬β”€β”€β”€β”€β”˜     β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”   β”‚
β”‚      β”‚           β”‚           β”‚  β”‚ GRC / Complianceβ”‚   β”‚
β”‚      β–Ό           β–Ό           β”‚  β”‚ β€’ ISO 27001    β”‚   β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”     β”‚  β”‚ β€’ SOC 2        β”‚   β”‚
β”‚  β”‚Red Teamβ”‚  β”‚Blue Teamβ”‚     β”‚  β”‚ β€’ Risk Assess  β”‚   β”‚
β”‚  β”‚Pentest β”‚  β”‚SOC/EDR  β”‚     β”‚  β”‚ β€’ Audit        β”‚   β”‚
β”‚  β”‚Exploit β”‚  β”‚WAF/Firewallβ”‚   β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜   β”‚
β”‚  β”‚Dev    β”‚  β”‚SIEM     β”‚     β”‚                     β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜     β”‚  TIDAK              β”‚
β”‚                               β”‚  β”‚                  β”‚
β”‚                               β”‚  β–Ό                  β”‚
β”‚                               β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚
β”‚                               β”‚  β”‚ Security Ops   β”‚ β”‚
β”‚                               β”‚  β”‚ Management     β”‚ β”‚
β”‚                               β”‚  β”‚ β€’ SOC Manager  β”‚ β”‚
β”‚                               β”‚  β”‚ β€’ CISO path    β”‚ β”‚
β”‚                               β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”‚
β”‚                               β”‚                     β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

🎯 Kesimpulan: Peta Lengkap

IT (Root)
└── Cybersecurity
    β”œβ”€β”€ Offensive (Red Team)
    β”œβ”€β”€ Defensive (Blue Team)
    β”‚   β”œβ”€β”€ Endpoint Security
    β”‚   β”œβ”€β”€ Network Security
    β”‚   β”œβ”€β”€ Application Security
    β”‚   β”œβ”€β”€ Data Security
    β”‚   └── Identity & Access
    β”œβ”€β”€ SOC Operations
    β”‚   β”œβ”€β”€ SIEM
    β”‚   β”œβ”€β”€ Incident Response
    β”‚   β”œβ”€β”€ Threat Hunting
    β”‚   └── Threat Intel
    β”œβ”€β”€ GRC
    └── Security Architecture

πŸ“‹ Action Items untuk Belajar & Berkarir

#ActionTimelineDomain
1Bangun project portofolio pertamamu3 bulanHands-on Practice
2Tulis blog teknis tentang apa yang dipelajariRutinTechnical Writing
3Berkontribusi di project open source securityParalelCommunity
4Pelajari script automation (Python/Bash)MenengahAutomation
5Ambil sertifikasi dasar (e.g., CompTIA Security+)Tahap AwalCertification
6Ambil sertifikasi spesialisasi (e.g., Linux/Cloud/Pentest)Tahap LanjutSpecialization
7Mulai melamar sebagai Junior Security Engineer / SOC AnalystSetelah siapCareer
8Tingkatkan skill & bangun project lebih kompleksBerkelanjutanGrowth

Document Version: 1.0
Last Updated: 2026-06-16
Purpose: Domain mapping untuk project dan karir cybersecurity