When I was a software developer, I never joined any dev communities. I didn’t see the point. I also worked evenings as a professional musician and mostly spent time within the music community and sports groups I was a part of. I spent time with my dev friends at work; I didn’t understand why I would want to know devs with whom I didn’t work. I was a senior dev. I had been for almost a decade, and I felt time out of work was “for me” and that doing anything to do with work on “my time” made little sense.

Then I switched to the security field, and everything changed.

Fresh Starts and OWASP

When I tried to join security, I couldn’t figure out where and how to learn the things I needed to succeed, so I joined the local OWASP chapter. OWASP (the Open Web Application Security Project) is an international non-profit dedicated to teaching everyone about application security. They have conferences, local chapters with meetups and online projects. I made a TON of friends (people whom I still talk to all the time) and learned constantly. I figured out that becoming the Chapter leader meant I could help decide which topics we would cover, meaning I could influence the curriculum to be stuff that *I* wanted to learn. I also figured out that almost everyone else wanted to learn the stuff that I wanted to learn! They gave me confidence that I *could* learn, and there was definitely a place for me in infosec. I also did my first-ever security talk at OWASP, and even though I was extremely nervous, all of my community members were absolutely wonderful to me. I also found my second professional mentor through OWASP, and then I was introduced to B-Sides!

(Read more...)