Episode Summary

In this first episode, I chat with Dan Borges, a professional red teamer, blogger, and security tool developer.

Dan discusses his early experiences using and exploiting computer systems, how InfoSec experts work with companies, and a new tools he and other created and released this year!

Episode Notes

Permalink and Transcript: http://gettingintoinfosec.com/dan

In this first episode, I chat with Dan Borges, a professional red teamer, blogger, and security tool developer.

Dan discusses his early experiences using and exploiting computer systems, how InfoSec experts work with companies, and a new tools he and other created and released this year!

Episode Highlights:

  • Dan explains how he became involved in information security, including his introduction to programming through a Lego robotics program.

  • His early experiences as a pen-tester—i.e. a penetration tester, who looks for system security weaknesses—and why it’s difficult to get hands-on experience in that field.

  • The benefits of becoming an Offensive Security Certified Professional (OSCP).

  • What does a red team do in an organization, and how is it different from pen-testing?

  • Dan describes the day-to-day life of a pen-tester and the kind of conflicts they can run into.

  • A few war stories from the trenches of InfoSec, as well as some of the tools pen-testers use.

  • How being grounded led to Dan’s earliest hacking experiences, and the ways his parents fostered his interests and mentality.

  • What conferences should InfoSec beginners check out?

  • Fun and beneficial ways you can “hack” reading.

  • Dan’s tips for those starting off or looking to transition into Infosec.

  • An in-depth look at one of the newer tools Dan uses for his work.

  • The rules and intricacies of InfoSec competitions.

Quotes:

  • “It’s such a catch-22 to get practical, hands-on experience to go to these jobs because, y’know, hacking’s illegal, right?”

  • “We don’t just go in and blow the brakes off people, we’re trying to measurably improve security.”

  • “It was a constant escalation war, cat-and-mouse like that. They’d take something away and I’d figure out how to use the computer with that limitation.”

Links:

Getting Into Infosec:

About the Show

Stories of how others got into Information Security, their experiences, lessons learned, and advice about getting in.

JOIN MY NEWSLETTER FOR ADVICE, TIPS, AND UPDATES!!

Listen for an "Easter Egg" in each show!

If you're looking to break into infosec, I wrote a little guide! Check it out:

“I purchased the kindle book last night and just finished it. It was a great “mini-mentoring” session, and I felt encouraged to persevere. I plan to listen to the podcasts regularly. As a woman getting into InfoSec, I feel as though I have been alone my entire life, learning and self-teaching with no real guidance or mentorship.”

If you benefited from an episode, please take a moment to thank our guests for taking the time and sharing their story.