From Zero to One, David is a lifelong builder. Wherever he goes he just builds things. From an electric car to adhoc android apps to ZAP HUD, an awesome heads up display for ZAP Proxy, a game changer imho.
From Zero to One, David is a lifelong builder. Wherever he goes he just builds things. From an electric car to adhoc android apps to ZAP HUD, an awesome heads up display for ZAP Proxy, a game changer imho. We discuss the lack of UX in the security tooling community, how contributing to Open Source got him his job, and even about imposter syndrome.
David Scrobonia is part of the Security Engineering team at Segment working to secure modern web apps and AWS infrastructure. He contributes to open source in his spare time and leads development for the OWASP ZAP Heads Up Display project.
Mostly interested in architecture and mechanical engineering when younger.
Built his own electric car with his dad, out of a Porsche 914!!
David explains XSS and why certain languages are better than others, such as react.
David gets lost in El Segundo. Yes.
"It's just a program that listens on these silly protocols."
"Playing with my hands I wanted to do more hands on stuff, quickly fell in love with the coding side as a lot of people do."
"I was like... what's GET? what's POST? What do you mean?"
"Before you know it right it seems so daunting."
"Still plenty of opportunities out there. Will be a long time before the world is perfect and secure."
"With all those things, I've been working in the security industry, but I didn't really feel part of any security community."
"I have nothing but good things to say about the open source community."
"...they're (security tools) just not built with user experience first."
"I think people underestimate what they are able to contribute."
David on Twitter: https://twitter.com/david_scrobonia
Rube Goldberg Machine: https://en.wikipedia.org/wiki/Rube_Goldberg_machine
Dan Boneh's Cryptography Course: https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/
OWASP Appsensor Project: https://www.owasp.org/index.php/OWASP_AppSensor_Project
Zap Proxy Heads Up Display (HUD): https://github.com/zaproxy/zap-hud
Article by David on Zap HUD: https://segment.com/blog/hacking-with-a-heads-up-display/
Brakeman Pro: https://brakemanpro.com/
My talk at Sam's class: https://www.youtube.com/watch?v=KJvPHZGtGdM
Intro: Cascadia by Trash80 (https://trash80.com) Licensed Under Creative Commons
Outro: Cancun by Topher Mohr and Alex Elena
Getting Into Infosec:
About the Show
Stories of how others got into Information Security, their experiences, lessons learned, and advice about getting in.
Listen for an "Easter Egg" in each show!
If you're looking to break into infosec, I wrote a little guide! Check it out:
“I purchased the kindle book last night and just finished it. It was a great “mini-mentoring” session, and I felt encouraged to persevere. I plan to listen to the podcasts regularly. As a woman getting into InfoSec, I feel as though I have been alone my entire life, learning and self-teaching with no real guidance or mentorship.”
If you benefited from an episode, please take a moment to thank our guests for taking the time and sharing their story.