Spencer Alessi

Spencer Alessi

hacker | pentester | researcher | active directory connoisseur | wiz-bang exploit slinger hiding in the shadows | Live now, be yourself, remember death 🛹🏂👨🏼‍💻🎮❄️🏔📷

Why You Should Have A Personal Blog as A Pentester

  3 minute read  

Writing on a personal blog is a really great investment in yourself. It shows gumption and can be a sign that you take your career seriously. It can be an outward display that you “know your stuff.” A person blog is also a great place to link to open-source projects you work on, or tools you’ve written or CTFs you’ve participated in.

A personal blog is your resume in landing page form from which you display or link to all the things that make you uniquely qualified to do whatever it is you do. I think everyone who has the ambition of continual professional growth should have a personal blog and contribute to it regularly. Now I say that, having not contributed to my blog in over a year. To be fair, I have been contributing to the SecurIT360 content machine lately. But if you go look at my personal blog (spenceralessi.com) you will see stuff there and you will notice I was writing daily at one point, for the sole purpose of getting better at writing.

Why should you start a personal blog?

To be honest, there are a lot of reasons. This blog post serves as a follow up to a blog post I wrote last year called I Write Because. Writing is a form of self-expression, it’s a way to articulate your thoughts and beliefs on a topic, it’s a way to pass on your expertise on a subject. The writing process, especially when you receive feedback, helps you to become a better communicator. In what line of work or life is it NOT advantageous to be a better communicator? Just ask my wife.

If you’re working in IT or Cybersecurity and especially if you’re a pentester, some of the best arguments I have for why you should have a personal blog are:

1) To develop your understanding of a topic

“Teaching is the highest form of understanding.” - Aristotle

Writing causes you to think critically about what you know or have learned. It improves your ability to recall that information later, which helps cement that learning in your brain. Writing things down allows you to connect dots you may not have otherwise connected. It also gives you much needed practice in the art of communication. Being able to explain the complex subjects we often encounter in Cybersecurity is a skill. A skill that can be learned and honed and sharpened. Writing is one way you can do that. If you want to get better at a subject and learn it more deeply, write about it and teach it yourself.

2) To inform, education or entertainment

“Strive not to be a success, but rather to be of value” - Albert Einstein

I believe that those who enjoy creating and sharing content, those who write blog posts, create videos or training courses, or write books enjoy the feeling of being of value. And not only do they enjoy it, but they also live for it and thrive on it.

I will call upon two individuals to use as examples. John Hammond and Heath Adams. Both create really great YouTube videos. Some of John’s videos are the absolute best at conveying complex subjects, simply. Heath’s penetration testing training courses and subsequent PNPT certification is hands down one of the best certifications a new pentester or someone looking to get into pentesting can get. Oh by the way, I know you know this but YouTube, that’s free. Free for you to consume. Do those creators get paid from those videos? Sure. Is it a lot? Probably not. Sure, there is some add revenue and sponsor revenue. But if you watch any amount of John’s videos you can tell he is not making these awesome videos for money alone. Likewise for Heath. If you follow him on social media, you know how much he gives away for free. The initial version of Heath’s flagship pentesting course is also free on YouTube.

Both John and Heath have become very well known in the industry and as far as we can see from the outside, they appear to be happy and to be doing very well for themselves, professionally and one would expect, financially.

Conclusion

The point of this long rant and the point of this blog post is that teaching someone something, providing immense value to a group of people or being a source of entertainment is really awesome and a worthwhile endeavor. If you focus on providing value without seeking a return and without expecting anything in return, it’s my believe that you will be handsomely rewarded.

One way you can do that and have a measurable amount of success is by creating a personal blog, contributing to it and sharing it with the world.

You may also enjoy

Twenty Days of Consistent Writing

  2 minute read  

What happens to your brain when you write every day? The results are pretty interesting, at least for me personally.

Complexity Is The Enemy Of Security

  2 minute read  

As a Security Practitioner, you win or lose by how you strategize, plan, design and build. To me that’s some of the most enjoyable parts of security. Thinking of creative ways to solve problems. The issue becomes, sometimes the more creative we are, the more complexity we add. Complexity adds to confusion. Confusion leads to more problems and problems lead to incidents.

Sucessful Leaders Don’t Win

  1 minute read  

“The only meaningful measure for a leader is whether the team succeeds or fails.