Episode Summary

In this episode of "Build Amazing Things Securely," host Laura Bell Main interviews Gabrielle, an offensive security advisor at Desjardins, Canada. Gabrielle shares her unique journey from acting to cybersecurity, detailing the skills and experiences that led her to become a penetration tester. The discussion dives into the nuances of penetration testing, including different methodologies, the importance of communication with development teams, and the value of a penetration tester's external perspective.

Key Points

1. Gabrielle's Background: From acting to software development, culminating in a passion for cybersecurity.
2. Penetration Testing Explained: Understanding the process, methodologies (black box, gray box, white box), and the importance of defining scope.
3. Transition to Penetration Testing: Self-training through online resources, competitions, and creating a structured learning program.
4. Collaboration in Pen Testing: Emphasizes teamwork between pen testers and developers for better security outcomes.
5. Advice for Software Teams: Preparing for penetration tests, embracing curiosity, and the benefits of external testing perspectives.

Links and Resources

• Gabrielle's LinkedIn: Follow Gabrielle on LinkedIn
• Gabrielle's Blog: CSS by GB
• One Hour AppSec Program: Join the program

Homework

• Engage with Pen Testing: If your software is due for a penetration test, engage actively with the process. Provide clear information about your application and be open to feedback.
• Explore Learning Resources: Check out Gabrielle's blog for practical pen testing tips and her journey into cybersecurity.
• Participate in the One Hour AppSec Program: Enhance your application security knowledge and skills by joining this program designed for software developers.