Tag Archives: CTInfoSec

n00bsec – but what is it to be a n00b in Infosec

So there was some minor drama at this year’s hacker summer camp (Defcon, BSidesLV, Blackhat).  It appears to have been around a possible con from the group @InfosecN00bs (#n00bsec).  You can read the full blog post on what went down here.

Essentially this started out as a group of “n00bs” trying to break into InfoSec.  If you dig around they are not the first group of this type but what is interesting is they tried to start a crowd funding campaign to pay for certain members to attend the big cons.  Well it was a big scam apparently, but we won’t go into that.  This whole thing got me thinking and it is one of those topics that grinds my gears!

What is it to be a n00b in InfoSec?  Well in truth, there really shouldn’t be too many.  Infosec is not an entry level career.  Many of us in the industry did not start here.  We stumbled, fell, or accidentally opened the wrong door.  But before all that we worked the help desks, built servers, created web sites, and told users to “turn it off and on again!”  We started our journey learning how to do all these things.  Some of us did them well enough to realize that these systems had flaws.  At that point we decided to switch those gears into a security focused career.  I still laugh at the fact that someone is paying me double to tell them the same things I told them years ago as a Sys Admin.

So what I am trying to get at is, that although we may have been new to the InfoSec industry, we were hardly inexperienced.  We had a good deal of base knowledge to work off of.  That is what is important when it comes to experience.  Now for those entering the scene today, there is a wealth of information available.  Many of the pros are willing to help new folks along, but they will not be there to hold your hand.  You will need to work a bit.  Do your own research, study the topics, and make your way out to the local community events.  You don’t need to head right to Defcon, but maybe try a local Security BSides event or a meetup activity.  This is not a career for those looking for a handout or in it just for the money.  It is for those who will throw up a learning lab at home or a virtual lab on AWS just to try things out.

And some final thoughts… You are ultimately on your own when it comes to building your skills.  But when you get stuck and google has failed you, reach out and someone will point you in the right direction.  You can also reference my previous post to get a list of places to start.  If a pro offers you guidance, accept it and thank them, maybe buy them a beer if you see them at a Con.  But don’t get pissed if you try to pump them for more than they are willing to provide.  They don’t have lots of free time to devote to mentoring.  Rather why not follow them on social media or subscribe to their podcast or blog.

Go out there and learn n00bs! 😀

 

 

 

Goings on in and around the Nutmeg State…

Apologies for not posting anything in a while.  Hopefully that will change over the next couple weeks.  We will keep it simple and this will just be a simple events posting…

Source Conference Boston 2016
May 18-19th with training on the 16-17th.  Timing is great as this rolls right into…

BSidesBoston 2016
Training on May 20th, conference on May 21st.  Tickets are almost sold out!

Further down the line in July, BSidesCT comes back! CFP is open and it will once again be held at Quinnipiac University’s Rocky Top Student Center.

 

Last Week’s Meetup

We had a couple new faces come out to the kickoff of Nutmeg InfoSec Meetup. We discussed the state of the CT InfoSec community over some beer and pizza. Thankfully we all seem to believe that it exists and just needs a push to get more people involved. We eventually moved over to the classroom to a talk about Shodan.io.  The slides will be posted shortly, but you will get more out of actually checking it out and searching the “Internet of Things.”

If you couldn’t make it out to last week’s meetup, don’t worry!  We plan to do this every month.  We will most likely finish out the year at NESIT Hackerspace, but after the holidays we will look at moving around the State.  If you happen to know of  a good location between Hartford and New Haven, let us know!

Looking forward to the next one!

The first official NutmegInfoSec Meetup is just around the corner!

So what do you need to know for Wednesday October 15th?

  • Laptops not required, unless you are planning to present on something.
  • For those presenting, projector supports VGA input, so bring adapters if you need to.
  • The event is free, but NESIT is kind enough to allow us to use the space, so donations are welcomed.  NESIT is a 501(3)(c) so it is tax deductible.
  • Pizza and Soda and other cold beverages will be provided courtesy of the host.
  • If the building entrance (East Entrance) is locked, call the NESIT number (sign on door) and someone will come down to let you in.
  • Be ready to participate, this is not intended to be a “Death by PowerPoint” night, we get enough of that at work!
  • Bring a friend!
  • Bring some business cards, after all it is a networking event.
  • Where’s NESIT?  – 290 Pratt St,, Meriden, CT – East entrance go up one floor and follow the signs.

Any questions you can send them to info(at)nutmeginfosec.com