One of my proximities has an interesting method of associating each year with a particular noun. 2022 was a year of CHANGE for me. I intend to follow through on this year and make 2023 the year of GROWTH. It would be interesting to look back at the end of 2023 and determine if my expectations and goals were met.
Software Dev + Cybersecurity = ?
In the past year, I have rekindled my passion for the cybersecurity field. First, I thought I would join the dark site again as I had some previous black hat experience. Over all, hacking is cool and is much more likely to get you laid, isn’t it? The thing is that I enjoy building things much more than tearing them apart. Creating features that help others brings me joy and is something I would not like to give up. Not even for the cookies offered by the dark side.
I have started asking myself whether there is an intersection between both of my interests: software development and cybersecurity. After some time (and thanks to some amazing people I have met), I have stumbled upon “Alice and Bob Learn Application Security,” written by Tanya Janca (both the book and author are amazing! ) which introduced me to the world of application security and DevSecOps. In short, Application Security is all about developing more secure software, and DevSecOps aims to bring security to each and every stage of the SDLC (Software Development Life Cycle). Having a dev background, I was able to pick up the main points pretty quickly, and what’s more important, I have realized that this might be a suitable path for me.
Once I set my mind on the track or towards a particular goal, I simply cannot be stopped. I will work overtime studying, researching, testing, and practicing. I sometimes consider it a curse and a blessing at the same time. Taking interest in AppSec motivates me to become both a better developer as well as a cybersecurity expert.
This year, I would like to persue my interest in the DevSecOps.
Certifications and continuous learning
I consider myself lucky to have developed the habit of continuous learning. Especially in tech (and software in particular), learning and development are quite important as the field is always evolving and no one should rest on his or her laurels. In fact, one of my greatest concerns is that one day I might become a “lazy professional.” I have confided this concern of mine to my friend.
He suggested I start getting certifications (even the silly ones) to have something I can look back on. Getting certifications in the cybersecurity field might, however, be a bit complicated in the beginning, as there are not that many certs that are affordable, credible, and available for newbies in the field. I am currently preparing for the CAP (Certified AppSec Practitioner) exam, which I was gifted. Keep your fingers crossed!
Starting a new community
I am an active member of the DevSecCon (global DevSecOps community) and one of the book club’s participants (I will be even more active in 2023, keep your feed open for the news!). Currently, there are no chapters in the Czech Republic or Slovakia, nor are there any cybersecurity meetups in the city I live in. In the last year, I have started talks about starting a new community here in Brno, and now, more than ever, I would like to spearhead this activity. If you are up for this or would like to participate, please let me know. I will be more than happy to connect!
Creating more content
I have this great blog where I can post my thoughts and ideas, but in 2023, I would like to start creating some educational content (both for cybersecurity and programming sections). The first one being a series on low-level coding flaws often used in exploitation. If you want a sneakpeak, check my article about buffer overflow exploitation.
Social media activity
I also plan on becoming much (and I mean really really much) more active on the social media. Keeping my LinkedIn for professional stuff and talking about cybersecurity and programming or just dumping my thoughts on Mastodon. Feel free to follow me there for any updates!
If you have read so far, you might want to follow me here on Hashnode. Feel free to connect with me over at LinkedIn or Mastodon.