SlideShare uma empresa Scribd logo

My Life on the Infosec D-List - Andrew Hay

Security B-Sides
Security B-Sides

People new to information security often find themselves wondering how to make a name for themselves in the industry. Andrew Hay has lived most of his career on the D-list but has worked hard to increase his status in the hopes of someday landing that coveted A-list position. Through this talk we'll discuss how to expand your circle of influence, how to build your personal brand, and how to move up from the dreaded Infosec D-List. (might need to change this a bit but you get the general idea).

TecnologiaNegócios
1 de 13
Baixar para ler offline
Monday, March 8, 2010 BSides San Franc#co March 2, 2010
Who’s the Guy in the Dress? • Why that devastatingly handsome man is Andrew Hay! • Blogger • www.andrewhay.ca • Published author • www.andrewhay.ca/books • All around nice guy Monday, March 8, 2010
What is the D-List? Few celebrities in the information security industry Many of us are relegated to obscurity on day one of our security careers Some are happy while others work to claw their way out of obscurity Monday, March 8, 2010 Well, the idea came up at a conference (I can’t recall which one) that there were very few celebrities in the information security industry. As such, many of us are relegated to the D- List on day one of our security careers. Though some are happy to sleep in the “career basement”, others work to claw their way to the top and out of obscurity. That, boys and girls, is the story of how the D-List came to be.
Who’s Who In the Subjective Zoo? • Very few people consider themselves “A-List” 1% 5% • Many people think they’re 10% higher than “D-List” • Some don’t even think they’re worthy of “D-List” 84% status A-List B-List Note - 47% of all statistics are made up at least 75.2% of the time. C-List D-List (a.k.a. Everyone Else) Monday, March 8, 2010
Who’s A-List? Monday, March 8, 2010 Everyone in this room should be able to name someone they consider an “A-List” information security celebrity.
Who’s B- and C-List? Monday, March 8, 2010 The “B-List” and “C-List” is sometimes even more subjective. Many people think that they’re in this range. Sometimes it’s driven by ego, sometimes by accomplishments, but, in reality, you’re at this level when your peers and “the industry” agree you are.
Who’s D-List? Monday, March 8, 2010 What about the “D-List”? Who of you feel that you fall onto the “D-List”? Odds are, if you think you are then you probably are. But is this really a bad thing?
D I - L S T ! Strength in Numbers? Monday, March 8, 2010
Knowing where to start is hard... Monday, March 8, 2010 Knowing where to start is hard, there is no question about it.
In the Beginning... Monday, March 8, 2010 In the beginning, if you are like me, you don’t really know how to get started in information security.
Blogging & Writing Online Conferences, Communities Gatherings & Groups Social Networking Monday, March 8, 2010 Starting a blog is an easy way to to get you and your message out there. Writing articles, books, and papers are another way.
Proud D-Lister’s Monday, March 8, 2010
Questions? Andrew Hay Email: andrewsmhay@gmail.com Blog: www.andrewhay.ca Phone: (403) 360-6367 Monday, March 8, 2010

Recomendados

Good roads 6.1_rus
Good roads 6.1_rusGood roads 6.1_rus
Good roads 6.1_rusEgor Ivanov
 
VenTenn Executive Flyer 2016
VenTenn Executive Flyer 2016VenTenn Executive Flyer 2016
VenTenn Executive Flyer 2016Jorge L. Chaparro
 
Problemas metafísicos
Problemas metafísicosProblemas metafísicos
Problemas metafísicosprofejsegovia
 
AITP - Building the Foundation of Agile (ABRIDGED)
AITP - Building the Foundation of Agile (ABRIDGED)AITP - Building the Foundation of Agile (ABRIDGED)
AITP - Building the Foundation of Agile (ABRIDGED)Michael Dougherty, SPC4, CSP
 
Android Services
Android ServicesAndroid Services
Android ServicesAhsanul Karim
 
Email signature and It's necessary
Email signature and It's necessary Email signature and It's necessary
Email signature and It's necessary Sauvik Ray
 
Cyberthreat Defense Report 2017 by Impreva
Cyberthreat Defense Report 2017 by ImprevaCyberthreat Defense Report 2017 by Impreva
Cyberthreat Defense Report 2017 by ImprevaGhader Ahmadi
 
Self care in end of life care
Self care in end of life careSelf care in end of life care
Self care in end of life careDr. Liza Manalo, MSc.
 

Recomendados

Good roads 6.1_rus
Good roads 6.1_rusGood roads 6.1_rus
Good roads 6.1_rusEgor Ivanov
 
VenTenn Executive Flyer 2016
VenTenn Executive Flyer 2016VenTenn Executive Flyer 2016
VenTenn Executive Flyer 2016Jorge L. Chaparro
 
Problemas metafísicos
Problemas metafísicosProblemas metafísicos
Problemas metafísicosprofejsegovia
 
AITP - Building the Foundation of Agile (ABRIDGED)
AITP - Building the Foundation of Agile (ABRIDGED)AITP - Building the Foundation of Agile (ABRIDGED)
AITP - Building the Foundation of Agile (ABRIDGED)Michael Dougherty, SPC4, CSP
 
Android Services
Android ServicesAndroid Services
Android ServicesAhsanul Karim
 
Email signature and It's necessary
Email signature and It's necessary Email signature and It's necessary
Email signature and It's necessary Sauvik Ray
 
Cyberthreat Defense Report 2017 by Impreva
Cyberthreat Defense Report 2017 by ImprevaCyberthreat Defense Report 2017 by Impreva
Cyberthreat Defense Report 2017 by ImprevaGhader Ahmadi
 
Self care in end of life care
Self care in end of life careSelf care in end of life care
Self care in end of life careDr. Liza Manalo, MSc.
 
1938 Propuesta de producción
1938 Propuesta de producción1938 Propuesta de producción
1938 Propuesta de producciónFrancisco Arias
 
Profissão bibliotecário: tendências e (im)possibilidades
Profissão bibliotecário: tendências e (im)possibilidadesProfissão bibliotecário: tendências e (im)possibilidades
Profissão bibliotecário: tendências e (im)possibilidadesSuelybcs .
 
TensorFlow XLA : AOT編 チラ見版
TensorFlow XLA : AOT編 チラ見版TensorFlow XLA : AOT編 チラ見版
TensorFlow XLA : AOT編 チラ見版Mr. Vengineer
 
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_markCSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_markCanSecWest
 
Zabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
Zabbix 3.4の新機能 @OSC 2017 Tokyo/SpringZabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
Zabbix 3.4の新機能 @OSC 2017 Tokyo/SpringAtsushi Tanaka
 
ABA TECHSHOW 2017: 60 tips in 60 minutes
ABA TECHSHOW 2017: 60 tips in 60 minutesABA TECHSHOW 2017: 60 tips in 60 minutes
ABA TECHSHOW 2017: 60 tips in 60 minutesClio - Cloud-Based Legal Technology
 
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオンKeisuke Kadoyama
 
The traditional data center is dead: How to win with hybrid DR
The traditional data center is dead: How to win with hybrid DRThe traditional data center is dead: How to win with hybrid DR
The traditional data center is dead: How to win with hybrid DRClearSky Data
 
CSW2017 Qidan he+Gengming liu_cansecwest2017
CSW2017 Qidan he+Gengming liu_cansecwest2017CSW2017 Qidan he+Gengming liu_cansecwest2017
CSW2017 Qidan he+Gengming liu_cansecwest2017CanSecWest
 
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...HubSpot
 
Add the Women Back: Wikipedia Edit-a-Thon
Add the Women Back: Wikipedia Edit-a-ThonAdd the Women Back: Wikipedia Edit-a-Thon
Add the Women Back: Wikipedia Edit-a-ThonHubSpot
 
Lord of the bing b-sides atl
Lord of the bing b-sides atlLord of the bing b-sides atl
Lord of the bing b-sides atlSecurity B-Sides
 
The road to hell v0.6
The road to hell v0.6The road to hell v0.6
The road to hell v0.6Security B-Sides
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c Security B-Sides
 
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Security B-Sides
 
Social Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySocial Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySecurity B-Sides
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides
 
Risk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonRisk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonSecurity B-Sides
 
Security? Who cares! - Brett Hardin
Security? Who cares! - Brett HardinSecurity? Who cares! - Brett Hardin
Security? Who cares! - Brett HardinSecurity B-Sides
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Security B-Sides
 
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Security B-Sides
 
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineThe Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineSecurity B-Sides
 

Mais conteúdo relacionado

Destaque

1938 Propuesta de producción
1938 Propuesta de producción1938 Propuesta de producción
1938 Propuesta de producciónFrancisco Arias
 
Profissão bibliotecário: tendências e (im)possibilidades
Profissão bibliotecário: tendências e (im)possibilidadesProfissão bibliotecário: tendências e (im)possibilidades
Profissão bibliotecário: tendências e (im)possibilidadesSuelybcs .
 
TensorFlow XLA : AOT編 チラ見版
TensorFlow XLA : AOT編 チラ見版TensorFlow XLA : AOT編 チラ見版
TensorFlow XLA : AOT編 チラ見版Mr. Vengineer
 
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_markCSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_markCanSecWest
 
Zabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
Zabbix 3.4の新機能 @OSC 2017 Tokyo/SpringZabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
Zabbix 3.4の新機能 @OSC 2017 Tokyo/SpringAtsushi Tanaka
 
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオンKeisuke Kadoyama
 
The traditional data center is dead: How to win with hybrid DR
The traditional data center is dead: How to win with hybrid DRThe traditional data center is dead: How to win with hybrid DR
The traditional data center is dead: How to win with hybrid DRClearSky Data
 
CSW2017 Qidan he+Gengming liu_cansecwest2017
CSW2017 Qidan he+Gengming liu_cansecwest2017CSW2017 Qidan he+Gengming liu_cansecwest2017
CSW2017 Qidan he+Gengming liu_cansecwest2017CanSecWest
 
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...HubSpot
 
Add the Women Back: Wikipedia Edit-a-Thon
Add the Women Back: Wikipedia Edit-a-ThonAdd the Women Back: Wikipedia Edit-a-Thon
Add the Women Back: Wikipedia Edit-a-ThonHubSpot
 

Destaque (11)

1938 Propuesta de producción
1938 Propuesta de producción1938 Propuesta de producción
1938 Propuesta de producción
 
Profissão bibliotecário: tendências e (im)possibilidades
Profissão bibliotecário: tendências e (im)possibilidadesProfissão bibliotecário: tendências e (im)possibilidades
Profissão bibliotecário: tendências e (im)possibilidades
 
TensorFlow XLA : AOT編 チラ見版
TensorFlow XLA : AOT編 チラ見版TensorFlow XLA : AOT編 チラ見版
TensorFlow XLA : AOT編 チラ見版
 
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_markCSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
CSW2017 Peng qiu+shefang-zhong win32k -dark_composition_finnal_finnal_rm_mark
 
Zabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
Zabbix 3.4の新機能 @OSC 2017 Tokyo/SpringZabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
Zabbix 3.4の新機能 @OSC 2017 Tokyo/Spring
 
ABA TECHSHOW 2017: 60 tips in 60 minutes
ABA TECHSHOW 2017: 60 tips in 60 minutesABA TECHSHOW 2017: 60 tips in 60 minutes
ABA TECHSHOW 2017: 60 tips in 60 minutes
 
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
[JAWS DAYS 2017 ワークショップ] 不安で夜眠れないAWSアカウント管理者に送る処方箋という名のハンズオン
 
The traditional data center is dead: How to win with hybrid DR
The traditional data center is dead: How to win with hybrid DRThe traditional data center is dead: How to win with hybrid DR
The traditional data center is dead: How to win with hybrid DR
 
CSW2017 Qidan he+Gengming liu_cansecwest2017
CSW2017 Qidan he+Gengming liu_cansecwest2017CSW2017 Qidan he+Gengming liu_cansecwest2017
CSW2017 Qidan he+Gengming liu_cansecwest2017
 
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
Modern Prospecting Techniques for Connecting with Prospects (from Sales Hacke...
 
Add the Women Back: Wikipedia Edit-a-Thon
Add the Women Back: Wikipedia Edit-a-ThonAdd the Women Back: Wikipedia Edit-a-Thon
Add the Women Back: Wikipedia Edit-a-Thon
 

Mais de Security B-Sides

Lord of the bing b-sides atl
Lord of the bing b-sides atlLord of the bing b-sides atl
Lord of the bing b-sides atlSecurity B-Sides
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c Security B-Sides
 
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Security B-Sides
 
Social Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySocial Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySecurity B-Sides
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...Security B-Sides
 
Risk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonRisk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonSecurity B-Sides
 
Security? Who cares! - Brett Hardin
Security? Who cares! - Brett HardinSecurity? Who cares! - Brett Hardin
Security? Who cares! - Brett HardinSecurity B-Sides
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Security B-Sides
 
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Security B-Sides
 
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineThe Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineSecurity B-Sides
 
Dominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource toolsDominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource toolsSecurity B-Sides
 
Enterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the GoldEnterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the GoldSecurity B-Sides
 
From fishing to phishing to ?
From fishing to phishing to ?From fishing to phishing to ?
From fishing to phishing to ?Security B-Sides
 
Getting punched in the face
Getting punched in the faceGetting punched in the face
Getting punched in the faceSecurity B-Sides
 
Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)Security B-Sides
 

Mais de Security B-Sides (20)

Lord of the bing b-sides atl
Lord of the bing b-sides atlLord of the bing b-sides atl
Lord of the bing b-sides atl
 
The road to hell v0.6
The road to hell v0.6The road to hell v0.6
The road to hell v0.6
 
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c 2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
 
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
Tastes Great vs Less Filling: Deconstructing Risk Management (A Practical App...
 
Social Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike BaileySocial Penetration - Mike Murray and Mike Bailey
Social Penetration - Mike Murray and Mike Bailey
 
How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...How really to prepare for a credit card compromise (PCI) forensics investigat...
How really to prepare for a credit card compromise (PCI) forensics investigat...
 
Risk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex HuttonRisk Management - Time to blow it up and start over? - Alex Hutton
Risk Management - Time to blow it up and start over? - Alex Hutton
 
Security? Who cares! - Brett Hardin
Security? Who cares! - Brett HardinSecurity? Who cares! - Brett Hardin
Security? Who cares! - Brett Hardin
 
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
Advanced Persistent Threats (Shining the Light on the Industries' Best Kept S...
 
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
Computing Risk without Numbers: A Semantic Approach to Risk Metrics - Tim Ke...
 
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio VaccineThe Great Compliance Debate: No Child Left Behind or The Polio Vaccine
The Great Compliance Debate: No Child Left Behind or The Polio Vaccine
 
Dominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource toolsDominique Karg - Advanced Attack Detection using OpenSource tools
Dominique Karg - Advanced Attack Detection using OpenSource tools
 
2009 Zacon Haroon Meer
2009 Zacon Haroon Meer2009 Zacon Haroon Meer
2009 Zacon Haroon Meer
 
Enterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the GoldEnterprise Portals - Gateway to the Gold
Enterprise Portals - Gateway to the Gold
 
From fishing to phishing to ?
From fishing to phishing to ?From fishing to phishing to ?
From fishing to phishing to ?
 
Getting punched in the face
Getting punched in the faceGetting punched in the face
Getting punched in the face
 
Make Tea Not War
Make Tea Not WarMake Tea Not War
Make Tea Not War
 
OWASP Proxy
OWASP ProxyOWASP Proxy
OWASP Proxy
 
Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)Smashing the stats for fun (and profit)
Smashing the stats for fun (and profit)
 
Exploitation
ExploitationExploitation
Exploitation
 

Último

My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 

Último (20)

My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 

My Life on the Infosec D-List - Andrew Hay

  • 1. Monday, March 8, 2010 BSides San Franc#co March 2, 2010
  • 2. Who’s the Guy in the Dress? • Why that devastatingly handsome man is Andrew Hay! • Blogger • www.andrewhay.ca • Published author • www.andrewhay.ca/books • All around nice guy Monday, March 8, 2010
  • 3. What is the D-List? Few celebrities in the information security industry Many of us are relegated to obscurity on day one of our security careers Some are happy while others work to claw their way out of obscurity Monday, March 8, 2010 Well, the idea came up at a conference (I can’t recall which one) that there were very few celebrities in the information security industry. As such, many of us are relegated to the D- List on day one of our security careers. Though some are happy to sleep in the “career basement”, others work to claw their way to the top and out of obscurity. That, boys and girls, is the story of how the D-List came to be.
  • 4. Who’s Who In the Subjective Zoo? • Very few people consider themselves “A-List” 1% 5% • Many people think they’re 10% higher than “D-List” • Some don’t even think they’re worthy of “D-List” 84% status A-List B-List Note - 47% of all statistics are made up at least 75.2% of the time. C-List D-List (a.k.a. Everyone Else) Monday, March 8, 2010
  • 5. Who’s A-List? Monday, March 8, 2010 Everyone in this room should be able to name someone they consider an “A-List” information security celebrity.
  • 6. Who’s B- and C-List? Monday, March 8, 2010 The “B-List” and “C-List” is sometimes even more subjective. Many people think that they’re in this range. Sometimes it’s driven by ego, sometimes by accomplishments, but, in reality, you’re at this level when your peers and “the industry” agree you are.
  • 7. Who’s D-List? Monday, March 8, 2010 What about the “D-List”? Who of you feel that you fall onto the “D-List”? Odds are, if you think you are then you probably are. But is this really a bad thing?
  • 8. D I - L S T ! Strength in Numbers? Monday, March 8, 2010
  • 9. Knowing where to start is hard... Monday, March 8, 2010 Knowing where to start is hard, there is no question about it.
  • 10. In the Beginning... Monday, March 8, 2010 In the beginning, if you are like me, you don’t really know how to get started in information security.
  • 11. Blogging & Writing Online Conferences, Communities Gatherings & Groups Social Networking Monday, March 8, 2010 Starting a blog is an easy way to to get you and your message out there. Writing articles, books, and papers are another way.
  • 13. Questions? Andrew Hay Email: andrewsmhay@gmail.com Blog: www.andrewhay.ca Phone: (403) 360-6367 Monday, March 8, 2010