Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
is from a cooperative
project for acquiring skills
essential to learning.
Welcome to another episode of Security Chipmunks, where we
keep chipping away at it.
I'm your host, Edna Johnson, I'm here with my co-host, Neil
Smalley, and today we have our guest Josh Mason.
Josh, go ahead and tell us about yourself.
Speaker 2 (00:22):
Hey, thanks for
having me, Edna and Neil.
I'm a former Air Force pilot and cyber warfare officer.
I've taught cybersecurity after getting out.
I've now gotten into the sales side after doing some consulting
work with pen testing companies, and I like helping people get
(00:44):
into cyber myself.
It was about five years ago, beginning of 2020, I got out of
the Air Force and I learned how hard it is to get a job in cyber,
and so since then, I've been trying to help other people use
(01:08):
the tools that I found along the way.
Speaker 1 (01:10):
Yeah, that's awesome.
I love that you not only like figured out how to get into
cyber for yourself, but you're also helping other people around
you and lifting them up and helping them figure out how to
get into cybersecurity.
It's really kind of you.
So I heard that you have a village that's coming up at DEF
CON.
Speaker 3 (01:30):
Noob.
Speaker 1 (01:31):
Village, so that's
really exciting.
What can people look forward to at Noob Village?
Speaker 2 (01:38):
So one of the things
I had heard about DEF CON was
that it's not very noob friendly.
Unless you know people or you've been around for a while or you
know what you want, DEF CON can be kind of overwhelming.
So I had the idea a few years ago to have a whole village
where it could be hey, if you're new, show up here first, we'll
(02:02):
help you out, we'll point you to things, we'll connect you with
people, and so that's a little bit of what Noob Village is
doing and we're working alongside.
We've got friends in Lonely Hackers Club, we've got friends
at the Diana Initiative, and so all three of us are actually
communities kind of in the same space on the second floor where
(02:22):
we'll be having a super new, friendly CTF and an area where,
if someone doesn't know how to do a CTF or they're wary,
they're brand new, they haven't won a black badge at a Wild West
Hacking Fest and they want to get into it, we're going to have
people there willing to answer questions, happy to walk them
(02:44):
through things.
We're actually going to even have like a pro-am sort of thing.
There's going to be an award for some people doing the CTF.
There's also going to be a reward for people helping.
So if you're a helper you can register.
I'm used to VAR sales or like partner sales or like you
(03:09):
register a deal, so then you get the benefits of that deal.
Oh, yeah.
So we're kind of going to be doing that here where, oh, I
helped Susie with this challenge and she passed it, so I'm
registering that and now I get points, and so there's going to
be the regular scoreboard but also the helper scoreboard.
(03:30):
Be like who can be the most helpful?
Speaker 1 (03:33):
That's pretty cool.
Speaker 2 (03:35):
Yeah, we're going to
have some like CINAC red team is
actually going to be sponsoring the prize.
So next week, when all the Lego stuff goes on sale on, uh, May
4th, we're gonna get some really huge uh Lego sets like a
Millennium Falcon or so, uh the Death Star, things along those
(03:59):
lines for those those are gonna be prizes don't know when you
say Lego stuff is coming out, what are we talking about here?
So have you seen the Lego Millennium Falcon?
Speaker 3 (04:12):
I know there's been
different versions of Lego
Millennium Falcons through the years, but I wasn't aware of any
new ones coming out.
Speaker 2 (04:19):
Not new.
They just go on sale on Star Wars Day, May 4th, because May
the 4th be with you, right?
So we'll see what cool stuff comes out on sale, gotcha.
Speaker 3 (04:35):
I just wasn't sure if
it was like a special Cynac
edition or something oh, we should talk to people about that
yeah, you can also make like custom Lego figurines.
Speaker 1 (04:48):
I love Legos so you
can make them custom and like
you could put like Noob Village on the back of it or something
that would be kind of cool that would be cool.
Speaker 2 (05:01):
A lot of the ideation
that we're doing is in Discord
and if anyone wants to go to noobvillage.org forward slash
Discord, we'll take them to the link to our Discord and really
anyone can jump in with ideas.
I don't know if it's the best way to do things, but it's what
I'm doing and it's working out really well.
Speaker 1 (05:23):
That's great.
I really love that.
You're encouraging people to help out and get involved and
volunteer and getting other people involved.
That's great.
It's wild.
Speaker 2 (05:35):
I didn't know what to
expect, which is, I should have
known to expect some things.
I've been volunteering with Simply Cyber and I used to
volunteer with Cyber and Security, and I've worked with
Wild West Hacking Fest, and there's plenty of people who
will raise their hand and volunteer.
There's people who will make podcasts to help out new people
(05:58):
and people to do mentoring and speak on the topics, and so it
shouldn't be that surprising.
But at the same time, I was like I don't have anyone who's
like I'm in.
If you do this, it was well, I'm here, I'm doing this.
Who wants to help?
And the server's got like 250 people in it now.
Speaker 3 (06:19):
And I invited a few,
you know.
Speaker 2 (06:21):
I invited Wade and
Philip Wiley and, uh, you know
yeah, folks, folks yeah yeah Eddie and etc.
Um, but organically.
Uh, just people saw things on LinkedIn or on Reddit and were
like I want to help with that, I want to be part of that and
it's really, really freaking cool.
Speaker 1 (06:44):
Yeah, that's awesome.
Speaker 2 (06:46):
One of the other
things that we're going to have
is a no stupid questions table where we'll answer anything:
career stuff, DEF CON stuff, hacking stuff.
There's no stupid question.
If we don't know, we will find it out.
And yeah, one of the great things, we put together these
(07:08):
ideas, we brainstormed and then we like pick the stuff and now
I've assigned them to leads and I'm kind of leaving it up to
them to flesh out the managing, the managers.
It's wild.
Speaker 1 (07:23):
Yeah, that's awesome,
so you're delegating.
Speaker 2 (07:27):
Exactly.
Speaker 1 (07:28):
It's the best way to
get stuff done.
When you get others to help, you get the work done 100%.
Speaker 2 (07:34):
You know what it's
like running.
You do the local DEF CON right?
Yeah, I do.
Speaker 1 (07:43):
I organize with DC
407.
Speaker 2 (07:45):
Yeah, and like it can
be a lot of moving parts yes
finding people who will take something and run with it takes
a lot of the pressure off.
Speaker 1 (07:57):
I I find yeah, so I
heard there's going to be talks.
Speaker 2 (08:03):
Yeah.
Speaker 1 (08:04):
What kind of talks
are you going to have?
Speaker 2 (08:06):
We're going to have
CTF 101 type talks, uh,
from uh, Ben Nomsack.
Uh, I also have LinkedIn on my other window.
Jason Haddix just got back to me.
He's doing a talk on like bug bounty 101.
Tyler Ransby is going to do a web app, pen testing 101 and a
new friendly stuff.
(08:26):
Actually, I think I'm working with them to actually have a
challenge in the CTF and they'll walk people through that
challenge and then it'll be easily repeatable if they want
to do it themselves.
Phillip Wiley is going to do a.
I asked him if he'd do his Pentester Blueprint talk, so
(08:54):
he's on board for that.
Alith Dennis is going do um a talk.
I asked her to do like an intro on OSINT and social engineering.
Um, I've got a whole list, I should just pull that up.
Speaker 3 (09:04):
But yeah, a bunch of
talks those are like phenomenal
speakers yes, it's funny, you bring up the blue tester, uh,
the Pentester Blueprint.
I actually uh have that on my desk right here, so nice yeah
one of the first ones I got.
Speaker 2 (09:23):
I yeah nice.
And it's a weird world where I remember hearing Philip's
podcast and seeing him on LinkedIn and getting the book
and reading through that and then bumping into him at stuff.
Or when he was at different companies, I was like well, they
(09:43):
say to reach out to someone who's at that company to ask
things, so pinged him on LinkedIn, ask some questions.
He's like here's my phone number, give me a call.
And we chatted and yeah, great friend, hung out at a bunch of
different conferences and I love it, it's awesome.
Speaker 3 (10:05):
That's what I've been
discovering.
People are just so nice and willing to help you out if you
just ask them.
Speaker 2 (10:11):
Yeah, it's one of
those things where I think we
think of like the celebrity Hollywood or like politician
people on TV kind of world and like they're distant and so like.
Then in like cybersecurity, we've got people who show up on
things, who host podcasts or who speak at conferences and we're
(10:33):
like, oh, that's like a celebrity, but it's just a
person who either has like a low tolerance for shame, like
myself, who's willing to just show up and look stupid, or just
friendly people willing to help out.
So yeah, it's wild.
Speaker 1 (10:57):
It's wild, yeah, and
those people are so willing to
help others and it's kind of why they volunteer and put
themselves out there.
But the people that you see that you think are like huge
celebrities.
Some of them are like overwhelmed with messages, but
some of them, like the more local ones and and people who
(11:18):
you are in your community, near you, they welcome you, reaching
out and asking questions and, um, learning more about the field
and stuff like that.
So it's pretty cool.
Speaker 2 (11:31):
There's uh, I don't
know, but you guys, I, I get, or
you'll I get a ton of um messages on LinkedIn that are
spam, like people's trying to sell me things or recruiters
trying to hire me people.
I don't know, I don't know what they're trying to sell.
It's really annoying.
But then, every once in a while, I'll get someone who's like
(11:53):
new and they're like oh, I'm thinking about doing this like
excellent, that's the message I want to get.
I want to get the person who's like hey, I've been studying
this, is that going to help me get a job?
So then I can, you know, go into the whole spiel and like
share all the knowledge and help out.
Um, I love getting those, but I think people are scared of
(12:14):
being like I don't want to take up your time, but people show up
with questions, like questions that they want answers to, like
I.
I know I'm not alone, because I've heard other folks share the
same things and you're nodding, so I assume that you feel
similar.
Speaker 1 (12:32):
So yeah, I I love
helping people who are new to
the field and want to know,because I know like when you're
first getting into this, youdon't know what this career is
like.
You don't, you don't know thelandscape and you're trying to
figure it out.
And there's some things thatyou can read online, but it it
(12:53):
helps to have somebody that'sbeen there before and can guide
you, and so it's great when youcan ask for help and get some
guidance.
Speaker 2 (13:02):
Exactly.
Speaker 1 (13:03):
Yeah.
Speaker 2 (13:04):
I'm actually uh, that
reminds me I'm horrible at uh,
I'm actually working on a book with Packt right now, uh,
beginner's guide to cybersecurity.
That is amazing.
I've been trying to like put all the stuff that I know in
there, um I love that that's gonna be, awesome I'm looking
(13:24):
forward to it coming out.
Um, my editors don't really get my vision for it.
They keep wanting me to make it like a textbook, mm-hmm.
Speaker 1 (13:34):
People aren't going
to read a textbook.
Yeah.
Speaker 2 (13:37):
Exactly.
Speaker 1 (13:39):
Yeah, I think Packt
does have a lot of history with
making textbook type of material, so I can understand that.
But yeah, I get that you're trying to not make a textbook,
you're trying to get something that people want to read.
They want to go, not just like they took a class and have to
read it, but like I actually want to read this because it's so interesting.
Speaker 2 (13:59):
Yeah right, that's,
that's the goal.
Um, I've got I know I've got a unique voice, uh, in the space
and so, but I don't know people react to it in positive ways, so
that's continue to do my thing.
Hopefully it, yeah, keeps working.
Speaker 1 (14:18):
Yeah, so I know that
you breaking into the field, you
did a lot of volunteering.
So, like, in your volunteering time, what has been your most
like favorite volunteer activity that you did and what do you
feel like has been the most impactful
(14:40):
?
Speaker 2 (14:40):
Ooh, my favorite, I
think, remains Wild West Hacking
Fest it's.
It always feels like either a church retreat or like a family
reunion that I look forward to, if that makes sense.
(15:03):
I've been to Wild West Hacking Fest so it makes sense to
me but, like for our listeners who may have not been to Wild
West Hacking Fest, it's more like a summer camp than anything else,
except your activities are talking about hacking or
(15:24):
defending or discussing policy with you know, leadership, that
sort of thing.
And then the people who you're interacting with live and
breathe the same struggles that you do both at the job, trying
to get the job, like um, uh around all the technical pieces
(15:46):
and the non-technical pieces, and it's uh, it's one of those
things.
It's not easy to get to Deadwood, South Dakota.
The scenery is worth it though, yeah, you got to fly out there
and then get on the bus or rent a car.
If you're, I show up.
I showed up early last year and I'm going to this year to help
(16:08):
out with training, so the buses are running on that day cause
there's like five of us.
Yeah, but you get out there and then you're kind of in the
middle of nowhere, all these casinos and little hotels and
like it's uh cute and it's, you know, quaint in the mountains
and everyone is super nice.
(16:31):
John's like first and second rule is it's not, you know,
don't talk about fight club, it's be kind.
And the second rule is be kind.
And so you just end up with like this very friendly feeling
from everyone and uh, instead of, but you still get quality
(16:54):
stuff. Like some of
the most skilled or experienced folks in the community are there
contributing and they're friendly and they want to hang
out and do like Whose Slide Is It Anyways?
Or karaoke, or play Magic: The Gathering.
(17:17):
I've got a picture from last year of a bunch of us with Jerry
Osher and Bo Bullock and Zach Hill and man, why am I blanking?
Kennedy, trusted Zach, Dave Kennedy.
Speaker 1 (17:37):
Dave Trusted Sack,
Dave Kennedy, Dave Kennedy, Dave
Kennedy and Dave.
Speaker 2 (17:40):
Kennedy.
And then a bunch of other, just random, like folks who are
brand new, all playing Magic: The Gathering and I think Bo beat
Dave Nice, but like that's what you get.
There is like people who like own cybersecurity companies or
companies or like are the lead, like instructor for cloud pen
testing, oh, and like really helpful folks just there to hang
(18:05):
out and, you know, make new friends themselves.
Speaker 1 (18:11):
Frankly, yeah, that's
awesome.
Speaker 2 (18:15):
Yeah.
Speaker 1 (18:16):
Yeah, I love the vibe
when I go to Wild West Hackfest.
Everybody's so nice and everybody's friendly and there's
no egos there.
You're just an attendee and that's an attendee, and you're
just there to have fun Exactly.
Speaker 3 (18:30):
And I mean, isn't
that what networking is really
about?
Like people ask, how do I network?
And it's like, well, make friends, yeah be friendly.
Speaker 2 (18:40):
Like show up and be
friendly.
Like there's plenty of places on social media or um, on like
on YouTube live streams or on LinkedIn or Discord communities
or at conferences.
Like just show up and be friendly.
It's not to be great at anything, you don't have to be
(19:03):
an expert, you don't have to know a whole lot, but if you're
friendly, like man, that'll go far.
I can take a friendly person willing to put in some work and,
like turn them into something huge.
So yeah, so, yeah.
So people who are like I don't know I don't run into many of
them, people who aren't friendly, I don't know, I don't know
(19:29):
where those people are.
Fortunately I don't really attract them.
They don't like my vibe orsomething.
That's fine.
Speaker 1 (19:35):
Yeah, that works for
me.
Nice.
Yeah, nice, um, all right.
So getting back to the the question with volunteering, your
favorite volunteering was Wild West.
Speaker 2 (19:50):
Yeah, yeah, um, I'm
really looking forward to Noob
Village.
It's hoping it fills a gap, that it fulfills a need, and
there's a little bit of me where I constantly wonder, like, do I
(20:10):
just think that we need that thing?
Am I being like full of myself?
But I'm really hoping it it does go places.
Um, the most impactful I don't know uh, I've run into folks all
over the place.
I made some of the videos and helped with the test for um or
(20:32):
I'm mostly QA'd and ideated with alexiersploit on EJPT version
two.
So like sometimes people walk up to me and be like oh hey, I
took the test and I recognize you from videos Like that's
awesome.
Some people from podcasts, some from Simply Cyber, some from
(20:52):
other talks I've done I never know what's going to hit with
people and I'm always surprised and like I don't know.
It feels really nice to hear someone be like oh hey, this
really helped.
It's like, oh, I'm glad, that's that.
That was the goal.
Speaker 3 (21:14):
Yeah.
You just never know who is going to be affected by what you
put out there.
So it's definitely a journey and experience to uh find that
out for sure, exactly.
Speaker 2 (21:32):
Exactly.
Speaker 1 (21:40):
All right, Well,
thank you so much for being on
the podcast.
Please make sure to like, follow and subscribe, and we'll
catch you on the next episode of Security Chipmunks.
Keep chipping away at it.