What do folks who work in security and cybersecurity do on daily basis? Do they actually come up with schemes to attempt hacks? Do you they consult with developers on how to securely code? Or folks are just running scanners daily and installing patches or crafting security policies to be used by engineers. I feel that many folks in thay field canβt exploit hacks at all.
Agreed on both! As per the title of your topic, security engineering itself is a different role, which has different responsibilities than other Infosec domains described above
Design Reviews, Vuln Research, Offensive Security, and App testing
All of it.
You just identified like 5 different job roles in your question.. Here are some roles within security/cyber that you asked about: 1) offensive security- hacking/pen testing, Intel-driven security 2) security dev - they are involved in product or application sec dev and deal with secure design 3) SOC engineers/analysts - run scans, build threat detection 4) helpdesk - push updates/patches There are a lot more roles to include incident response, network sec, cloud sec, forensics, etc etc