Cybersecurity practices are often broken into two broad categories: offensive and defensive.
Offensive Security
Offensive security involves actively attempting to break into computer systems or exploit bugs in software or hardware to gain unauthorized access. An analyst working in this space attempts to break into their employer’s computer systems and provides feedback based on their analysis.
Defensive Security
Defensive security involves the use of tools to monitor computer systems and software to detect unusual behavior or patterns that could indicate that a bad actor is trying to gain unauthorized access. Defensive security can also involve digital forensics, which are practices used to preserve and analyze digital evidence when investigating security incidents.