Breaking Into Information Security
Learning The Ropes 101
(Attempt 2; Steelcon Edition)
I’m Scottish, certain words are commas
in real life
Thanks For Being Here
• You made it to Steelcon, Welcome!
• <Remember to Insert track 1 & track 3
talk title & Don’t forget the kids>
• <insert witty comment>
This Isn’t Going to be your Run of the mill HOW TO GET A JOB sort
of talk, more it will be a life lesson on why coming to hear me talk
is worth coming to Steelcon for alone…
Something Something Profit Right?!
Works 50% of the time Everytime
The Peaks & Troughs of Life - @PwnDexter
Who is This Guy?
• Andy Gill – Penetration Tester
• I Break Stuff & Write Bad Ass
Reports.
I Own A Blue Car, It makes vroom vroom noises
Look at This Guy Kicking the Sun
In Case You Don’t Know Who I am, this is me with longer hair
I Write stuff on the Internet
90% of the time I do this Stuff:
Talk Plan
• How I Got to where I am today (Work Wise, Not My
Travel…Or Travel if you’re interested?!)
• How The Book Came To Be – 5Ws + H
• Different Areas of Industry – Useful for both those
learning and those already stuck in the industry
• Different Paths into Industry
• Important Things about Working In Industry
• New Project: Making Security Accessible
• Questions Maybe if you’re not bored to death by then?
How Did I Get Into The Industry?
Fucked Up School
Went to College, studied Networking
Summer Internship in TIR
Studied Security with Longest Degree
Title in Prospectus!
Summer Internship in Pentesting –
Learning The Ropes
TL;DR
A Lysdexic Wrote a Book?
Hax Confirmed…
Different Areas of Information Security
– Blue, Red, Purple, Rainbow Team!
Hax Confirmed…
Blue Team – What do they do? But Why
are they important?
Hax Confirmed…
The Red Team
Hax Confirmed…
WTF is Purple Team?
A Penetration Tester’s Top Tips
For Getting In…
…To the Security Industry
Different Paths – Following Traditional
Different Paths – Career Change
Different Paths – Self Taught
Different Paths – Fuck It I want to learn?
Important Things about Working In Industry
Have An Open Mind
Have An Escape
No Two Days Will Be The Same
Keep Learning –
Make Every Day A School Day
New Project Plan
Making Tech more accessible –
teaching the average Jane or Joe about security
and expanding their horizons
@ZephrFish on Most Things – Active on
Twitter Most
My Blog: https://blog.zsec.uk
My Book: https://leanpub.com/ltr101-breaking-into-infosec
Finding Me Online
Question{s}?
Best Question Wins a Book
<Show Ze Book>

SteelCon 2018 Breaking Into Information Security by Andy Gill

  • 1. Breaking Into Information Security Learning The Ropes 101 (Attempt 2; Steelcon Edition)
  • 2. I’m Scottish, certain words are commas in real life
  • 3. Thanks For Being Here • You made it to Steelcon, Welcome! • <Remember to Insert track 1 & track 3 talk title & Don’t forget the kids> • <insert witty comment>
  • 4. This Isn’t Going to be your Run of the mill HOW TO GET A JOB sort of talk, more it will be a life lesson on why coming to hear me talk is worth coming to Steelcon for alone… Something Something Profit Right?! Works 50% of the time Everytime The Peaks & Troughs of Life - @PwnDexter
  • 5. Who is This Guy? • Andy Gill – Penetration Tester • I Break Stuff & Write Bad Ass Reports.
  • 6. I Own A Blue Car, It makes vroom vroom noises
  • 7. Look at This Guy Kicking the Sun
  • 8. In Case You Don’t Know Who I am, this is me with longer hair
  • 9. I Write stuff on the Internet
  • 10. 90% of the time I do this Stuff:
  • 11. Talk Plan • How I Got to where I am today (Work Wise, Not My Travel…Or Travel if you’re interested?!) • How The Book Came To Be – 5Ws + H • Different Areas of Industry – Useful for both those learning and those already stuck in the industry • Different Paths into Industry • Important Things about Working In Industry • New Project: Making Security Accessible • Questions Maybe if you’re not bored to death by then?
  • 12. How Did I Get Into The Industry? Fucked Up School Went to College, studied Networking Summer Internship in TIR Studied Security with Longest Degree Title in Prospectus! Summer Internship in Pentesting – Learning The Ropes
  • 14. Hax Confirmed… Different Areas of Information Security – Blue, Red, Purple, Rainbow Team!
  • 15. Hax Confirmed… Blue Team – What do they do? But Why are they important?
  • 17. Hax Confirmed… WTF is Purple Team?
  • 18. A Penetration Tester’s Top Tips For Getting In… …To the Security Industry
  • 19. Different Paths – Following Traditional
  • 20. Different Paths – Career Change
  • 21. Different Paths – Self Taught
  • 22. Different Paths – Fuck It I want to learn?
  • 23. Important Things about Working In Industry Have An Open Mind Have An Escape No Two Days Will Be The Same Keep Learning – Make Every Day A School Day
  • 24. New Project Plan Making Tech more accessible – teaching the average Jane or Joe about security and expanding their horizons
  • 25. @ZephrFish on Most Things – Active on Twitter Most My Blog: https://blog.zsec.uk My Book: https://leanpub.com/ltr101-breaking-into-infosec Finding Me Online
  • 26. Question{s}? Best Question Wins a Book <Show Ze Book>