Wednesday, August 23, 2017

Security Architect vs Security Consultant vs Penetration Tester !


Architect thinks first and foremost conceptually. They focus on business requirements and how to align security to meet those objectives. This typically manifests in changes to IT (infrastructure, applications) but can just as easily be a process change if it is the simplest solution. Architects are able to dive town in depth on a technical level but generally speaking, not to the same degree as the other two.


Is the middle man between an architect and pentester. A consultant thinks in terms of risk. Usually a technical person who has moved into to consulting based on broader exposure to other areas of security or business and/or excellent communication skills to be able to articulate risk and translate architectural terms and concepts or low levels of detail that a penetration tester may unravel. The posess a moderate degree of technical skill generally, typically higher than an architect.


Highest degree of technical skill. Engineers often fall within this category too. They possess the deepest degree of knowledge and in many cases, the broadest. Their ability to focus on the microlevel of detail is the single greatest strength and in many cases their weakness.


In my mind there is no one better than one, because everyone have his/her own job and rules and obligations. Security Architect thinks about the Business in a manner of Security. Security Consultant valuates the network or the security of something. The Penetration Tester is the responsible of hacking and getting access into systems in order to prove something that maybe already got by a consultant!

In a clear understanding the PenTester is the HACKER. So for me i prefer a Penetration Tester over all others! But it depends on a lot of situations like the salary, the work, and more.

Let me see what do you think in comments :-) !

No comments:

Post a Comment