Wednesday, February 10, 2016

InfoSec/Pentesting - a dude's gang?

I was browsing the interwebs and came across one blog post (link below). It is always nice to read about other people's experiences, their plan of action, their thought process, when working towards a certification or any other objective for that matter.

The poster is sharing her experience with OSCP certification (Pentesting with Kali). It is a fairly okay read. She passed the OSCP and it is definitely worth a genuine Congratulations!

Personally, though, her last statement turned the entire writeup sour. She says, & I quote:
"Being a woman in Infosec isn't easy. But to earn the respect of this dude’s gang, you need to play it right."

Now, I do not know her personally or professionally. But that last closing statement sounded much like a feminist. And I wanted to put forth my views on it.

"Being a woman in infosec isn't easy."
InfoSec & Penetration testing, to be specific, is a dynamic, specialized domain. You've got to consistently & continuously study, research, discuss, learn, share, practice, and then learn some more. And this is expected of any InfoSec professional - not just a 'woman.' It is stupid & pointless that she chose to add a 'woman' in this statement. Somehow, she seems to expect that women should have a different, simplified playing field in InfoSec than their male counterparts in InfoSec. A typical feminist attribute.

Oh you're a girl in this male-dominated InfoSec club? Let me make it easy for you. Here, I have pwn'd this box, these are the creds, you only ssh in, just take screen caps and focus on looking good in customer debriefs. Alright?

"But to earn the respect of this dude's gang, you need to play it right."
Ridiculous, uneducated & a skewed viewpoint. There is no InfoSec dude's brotherhood, no InfoSec crips & bloods or InfoSec KKK clans, keeping women out.

Professional respect is NOT based on gender. Remember (RIP) Shon Harris?

To earn professional respect, a lot of effort goes in & rightly so. First & foremost, you must have an unshakeable passion - a passion to learn continuously, irrespective of how much you already know or how much you have grown in your career & finances. An undying passion to go on learning & researching, sharing with the community, and simply to do more.

Next, you've got to toil. There is no shortcut. There is no substitute for hard work, perseverance, passion, commitment & of course coffee. This is how someone plays right.

If you are genuinely & passionately putting in the effort, professional respect will come in automagically. Everyone should strive for it, but the focus must always be on giving your best, even if your peers or boss ignore / downplay your accomplishments.


As if feminists hadn't had much evil fun in other aspects of life, it would be a pity if their creepy ideology seeps into the InfoSec industry.

Comments are welcome.

