Spencer Alessi

Spencer Alessi

hacker | pentester | researcher | active directory connoisseur | wiz-bang exploit slinger hiding in the shadows | Live now, be yourself, remember death 🛹🏂👨🏼‍💻🎮❄️🏔📷

You May Never Believe This Infosec Style

  1 minute read  

You may never believe this, infosec style..

You may never beleive this…Information Security itself isn’t hard, doing the work is hard, adulting and working with people is hard.

You may never beleive this…Security practitioners really do care about their companies, customers, clients, peers, the industry, the world.

You may never beleive this…Informaiton Security is a business issue not a technical one.

You may never beleive this…Security exists to support the business and enable competitive advantage.

You may never beleive this…Security practitioners are doing the best we can with what we’ve got.

You may never beleive this…Security practitioners try really, really hard.

You may never beleive this…Security practitioners are not robots, we cannot work endlessly without exhaustion and burnout.

You may never beleive this…Information Security is still in it’s infancy.

You may never beleive this…Vulnerability scanning and penetration testing are not the same.

You may never beleive this…Two factor and multifactor authentication, while great, does contribute to user frustration no matter how you slice it.

You may never beleive this…People really do care about security (and privacy), the “trick” is to figure out why they care.

You may never beleive this…“Users” are not stupid.

You may never beleive this…We are all in this together.

You may never beleive this…We are all on the same side.

You may also enjoy

Why You Should Have A Personal Blog as A Pentester

  4 minute read  

Writing on a personal blog is a really great investment in yourself. It shows gumption and can be a sign that you take your career seriously. It can be an outward display that you “know your stuff.” A person blog is also a great place to link to open-source projects you work on, or tools you’ve written or CTFs you’ve participated in.

Twenty Days of Consistent Writing

  2 minute read  

What happens to your brain when you write every day? The results are pretty interesting, at least for me personally.

Complexity Is The Enemy Of Security

  2 minute read  

As a Security Practitioner, you win or lose by how you strategize, plan, design and build. To me that’s some of the most enjoyable parts of security. Thinking of creative ways to solve problems. The issue becomes, sometimes the more creative we are, the more complexity we add. Complexity adds to confusion. Confusion leads to more problems and problems lead to incidents.