TryHackingMy Way From Cyber Sales to Cyber SOC

Good morning. Thank you for coming to my talk today. Um, try hacking my way from cyber sales to cyber sock or uh aka from Michael rack to rack attack. So basically after a very unsettled childhood um very strict unstable father living on three continents by the age of seven I was a victim of life. I hid away and um basically fell into computing in the late '7s, early ' 80s. Um self-taught coder and basically breaking into games to access code became a bit of a bit of a fun way of trying these things. This is back in the day when we used to copy games out of magazines and actually hardcode them u manually. Keystroke at the time didn't have uh

studio code and what have you. Left without a degree. um got into sales, did some sales work and ended up trying to get into IT sales. No degree, no joy. So, ended up going into IT recruitment, mixing my sales experience with my technical passion still. Um and basically that was the start of what was a 30-year technology learning curve regardless of the role I've been in. Uh started off by CD shuffling, doing all the things people do when they start a new role. It's it's mundane things but actually very quickly started spots the right things to put together by qualifying well understanding well knowing your stuff and going beyond just the basic tagline. Um I recruited

various people across the channel from IT directors to sales directors through to getting management directors changed within Cisco partners. Built the first security sales team for a major distributor and actually put an ethical white hat kitty in there about 20 years ago. His name is Harry Bullah. He's now senior vice president of international at um Firemon and he's also a board director for for Pickers. Um so on the back of that having moved into IT recruitment, I managed to um pivot into the Cisco channel premier partner, sell some of the first F5 in the UK and then pivot and evate elevate into a gold partner. Combining that with my channel contacts, I then introduced emerging vendors into the market,

including a small company called Bug Crowd you may have heard of. Working with the likes of um Katy Missouri or beating Katy Missouri and working with the likes of Jason Haddex, who you probably quite well know. Uh breaks in my career due to exhaustion. Um basically I ended up being homeless about 7 years ago for 6 months living on a shell of a boat digging myself out of a hole. while I found a small apartment, worked on a building site for about a year and a half and was interviewing on brakes behind huts and JCBs with vendors on the phone [laughter] and COVID kicked in, locked us all down. So, I went online. Neighbor of mine

introduced me to online gaming, having been a big gamer, missed out on all this new stuff. Got into Apex Legends, got onto Twitter, and discovered this type of security community out there that I'd heard all about at Bug Crowd. carried on flexing my time on uh things like YouTube, practicing gaming content, digital content, embracing digital engagements. Um small 202 video got over 900 hours of view time and 147,000 views and I started Squad Wipe Sunday for a bit of fun. Um again, just keep myself busy. Leaning heavily into the technical content though. discovered people like John Hammonds Tiberius during his uh very early streams without his polish that he's got now you know and I also came across uh

yeah some other interesting things like this guy called Stuck he was quite fun fell into his stuff loved it wanted to learn Python because I had this gaming channel and I wanted to create a retweet bot so I went to look at Python this guy on Twitter comes back this buddy of mine called Dan Con small guy he doesn't do much in the cyber anymore. He's, you know, working for a trust pilot running a team or something, I think. And use a VM, fine, no problem. Sounds easy. That's where it all started. Managed to get an interview with Just Eat. They were looking for a cyber security culture lead. Stu Hurst I'd been um engaging with on on Twitter, who'd also

come across back at Bug Crowutra. He supported me. He got me an interview with Ke Fielder. Blown away. Didn't get the job. They went for someone with more learning management experience. They were a footy 100 though, so it's hardly surprising. But to get that far was motivational and just made me push further. Listening to the community though, I started to realize some things. Apparently, I've got neurodyiversity.

So, yes. Anyway, so listening to the community, I I aligned with that and listened um made friends with a a lovely woman called uh Lisa Ventura before she got her MBE for uh inclusion and diversity in cyber and um yeah joined the NHSQ to nowhere. So post lockdown it all went off. We wanted to get out and see people. I went to this little thing called uh you know the beer farmers events at the DTX. Um afterwards met these try hackme top 1enter at the cyber house party that blew me away. His tenacity his ability to take life head on. He was a deaf mute and he just he just yeah that was it. I

was straight on to try me. I'd got the uh ability now to focus on stuff. I had the tools to do it and I had the inspiration. Went hard, went wide, went deep. I was like a [laughter] a kid in a sweet shop. Wouldn't learn it all. But I was learning. I was focusing on learning versus even covering things like network fundamentals that I'd done back at college when I started in recruitment back in 1996. So going through from burping and sniffing from Kate's to John from Merttack to Metasloit and from SN MP to SMTP, Linux PowerShell Bash Python the lot. I touched on it all. I learned various bits, all nighters, trying to gain root. even

covered some OT stuff having worked in high vacuum engineering during my preIT days working with like Rolls-Royce aerospace and air production lines which I didn't realize much about at the time I was asked recently what makes you so good at try me what makes me want the best I'm not I've covered wide I've covered breadth not depth not like some people who are very specialist in niche areas everything though everything required me learning something else first. Everything that someone told me I had to go look up and look up something else to understand that to start with. It was hard going. Got a new job coming out of lockdown with some black hat trainers who built

an automated pen testing platform. You can't automate a pen test, I was told by one of my contacts. So on the back of that, I went and did the comedy of pentest plus path and passed that. I've also done the Cisco ethical hacking course recently as well. uh again wanting to know more about it to understand what the realities were. assistant active directory broke me for almost three or four months. Excuse me. But I got around that. I stepped back for a few months. Came back with a clear head. Got it. Don't know what the problem was. Don't know. Same thing happened this year with open CTI. Spent months on it. Walked away. Even asked

one of their sales engineers at on their stand about the UYU IDs. He didn't know what an idiot I was. So simple. I've got that running now. Fine as well. But by doing all of this, looking at all of this, looking at the cyber killchain, looking at attack paths, profiling, engaging markets this way is what I've been doing my whole sales career. Different approaches, different stages, different skill sets, understanding the triggers and how to make things happen. Also pushing me to read uh Jenny Rader's book, The People Hacker, and meet her cuz she is awesome. She is a rockstar. But also it made me realize a synergy between things like fishing and a versus advanced APS compared to what I do

versus the typical sales or recruiter. Put the work in, put the research in and target versus low-level, low risk, low cost, low chance of success. These are people things, not technology things. This year on the back of all of this, what have I done? Um, having gone off to Sicily for 3 weeks straight after B-side London last year, I came back in January. I was blessed to attend the White Hat Ball invited by Phil Kraknel, an an ex-defense contract and CESO and a friend of mine. I attended the HMCOM in the spring. Um, you know, Ben who runs it, Jason Hadex was on there, my old colleague, and Sto came on and he was talking about breaking into games as a

kid. The moment hit me around the face and I went, "This is what I was doing. This is where I've come from. This is the same mentality and approach I've been using throughout my whole career." Yep. I attended Bside Bas again as well. Reflecting on last year where my mate Raph did the most amazing talk on human honeypotss. Not super techy, just really clever, really to the point. And understanding the fact that access people are access points into organizations. It blew me away. I went again this year. Got an awesome skateboard often [laughter and gasps] and also went down to breeze Bristol and had a great time down there. Sat there next to Mano's better friend of ours

doing the first question on the CTF solo. He looked at me and went, "Oh, you actually can do this stuff then?" Yes, manage. [laughter] And uh yes, so basically today I'm here today in front of all of you really just looking to inspire one person at this point. I've been joining OAS OWS London sessions. I've been joining GT prompts GTFO by Gaddy sitting there going through the audience you know as I do rather than watching the talk. I was seeing Chris Whissy Pton founder of Veritat Verico sorry Casey all these other guys so I know for well if they're in the audience I'm in the right place I also then got invited to an inerson

event by Pelam row of CTG intelligence having watched play secure during lockdown invited onto the panel last year and then invited this in inerson event during the event uh chat came over to He said "Um I've been reading your posts about ADHD and neurodiversity. I'm very interested, very proud that you've been outspoken as well. Let's have a talk. I understand the value of getting, uh, diagnosed and treated." And I managed to hack my way to a six week queue, having been waiting for 2 years, and I've now been diagnosed and treated, which is why I'm able to stand up here and do this today. But yes, sorry. Back in uh back in June, I was contacted

by an exforces sock manager um regarding a shift lead role in a defense contractor looking at sock uplift, disruptive tech and AI uplift, all the things I've been playing with throughout my career. He liked my approach and loved all the work I've been doing. Wanted to interview me. Sat there for three weeks, went down a rabbit hole. Allison Wonderland reached out to uh an old contact of mine, Jay Cran. I'd worked with a bug crowd. He'd sold his uh built and sold in the tech service management platform to Mandant previously that knew a few things. He'd pro he praised my studies two years previous said he was there if I needed anything. I'd bank that. Now

was the time to call. I've had access to his new his new threat intelligence platform. I got early access to sections AI by Robert Fly. Uh, I've been reading Defan0513 in depth looking at Sigma rules detection engineering levels and went deep. Unfortunately, I didn't get it. I missed out somebody with um X forces and frontline signals is all I can say. Um, but with two lots of feedback from HR and from the sock manager, which we all know never happens. So, it actually told me something utilizing this. I'm starting a new job next year hopefully. I'm waiting on final confirmation. I can't say where I um use that experience, use those contacts. This time I've actually managed to pivot

and elevate in one move. I'm going to be driving neurodyiverse initiatives inside. I'm going to be doing gamification, building attack and defense enablements, and basically lifting the the capabilities and the uh and the hunger within the team. Reaching out regarding the harm the harm con that's coming up, the winter version in next week, they felt was highly valuable. The fact that I was so proactive, so engaged, and so driven, they saw as a real differentiator and value. And um that's my story. Um advice, take advice from the right people. It's like threat intelligence. Different sources for different things. Pick the right intel sources for the right questions. Have a wide network. And um well, all I can say is these people have

helped me inspire me. His video was amazing. Great fun screwing with baddies. What can I say? And Sean White, who I now game with, helping me out on my uh on my on my Python. Thank you for seeing me today. Thank you for coming.