Inspirations in Security

Over the past 3 years, I’ve been doing a lot of thinking about how much value there is in maintaining an online persona - of maintaining one’s presence amongst the cacophony of voices talking, tweeting, writing and publishing endlessly into the ether.

As the original host of the Application Security Weekly podcast, I was very fortunate to have a large global listenership and all the benefits that came with it - such as an invitation to keynote at OWASP AppSecDay 2018 in Melbourne, Australia (thank you Pam O’Shea). It even helped me build a friendship (and led to a job) with my mentor, Bryan - so I have built some perspective on the best of what is possible when putting yourself out there.

So why did I stop? Admittedly I got burnt out, and so I’ve been taking a break from maintaining my online presence in hopes of finding that energy again. It wasn’t until a conversation with Bryan last Fall that I realized how much value there is in maintaining one’s online identity, and the sort of career risks one takes in not doing so.

Indeed, if Leigh Van Valen’s theory of extinction is anywhere near as accurate as it appears to be (which is applicable much further afield than biology, as evidenced by this enjoyable article about investing), in order for anyone just to keep up they need to be constantly running toward new horizons. It’s not enough to be content with the job you have, or the career you are building. In order to get ahead, you need to be constantly evolving your thinking and abilities; now more than ever you need to find a way to do that publicly and online.

One person I greatly admire for his constant pursuit of learning and growing would be my friend (and sensei) Jason Haddix. In the years that I’ve known him, he continues to exemplify a pursuit of growth and learning in ways that I endeavor to follow. If you’re looking for inspiration to do and be more, follow him on Twitter to witness his many exploits in Bug Bounty hunting and beyond.

Likewise, Troy Hunt knew that you had to share your learning publicly as far back as 2009 when he wrote an article on why online identities are smart career moves. Eight years later, he gave an excellent talk at NDC Oslo titled Hack Your Career where he showcased the outcomes of his own recommendations; the perspective he provides will astonish you. Seriously, right-click that link and open it in a new tab for viewing later - it will be an hour of your life that is worth the investment.

In this same way, Daniel Miessler has honed the art of writing and publishing novel ideas even longer than Troy - with content going back as far as 1999 if his copyright is to be believed. We need not look further than the craftsmanship of his many blog posts to believe it.

Finally, Haroon Meer gave a really great talk back in 2012 at Hack-in-the-Box where he introduced the concepts espoused by Richard Hamming applied to the world of InfoSec, as inspired by Hamming’s article titled You and Your Research. Both the talk and the article are worth reading.

From all of this I am reminded of a Chinese proverb that says “the best time to plant a tree was twenty years ago - the second best time is now”. And so today I am launching my own blog to discuss topics at the crossroads of Information Security and Software Development: Securing.Dev

Likewise, as I am but a mere mortal there will be times where I share musings further afield in areas such as history, psychology, economics, and scientific discovery. These posts will be marked as “off-topic” accordingly. Thank you if you’ve stuck with me to this point, and stay tuned for a few posts I’m tee’ing up on the topic of Static Analysis.

In the interim - remember to git commit, and stay classy!


Keith // securingdev

This post is licensed under CC BY 4.0 by the author.