Skip to main content

mastodon - Link to source
Cybersecurity isn’t ready for the conversation about how bad sexism and ageism are in the whole pen test / red team community, or how influencer culture and the saturated market are enabling it to get worse. linkedin.com/pulse/tryhackmes-…

THE PROBLEM 18 creators. Zero women.

Josh Mason 🍄 (www.linkedin.com)
This entry was edited (2 weeks ago)
in reply to Lesley Carhart

Random Damage 🌻
mastodon - Link to source
Random Damage 🌻
seriously, the whole idea of the "hero solo operative" is something that is really the domain of young men, and it's far from the most effective technique

Lesley Carhart reshared this.

in reply to Lesley Carhart

Kay
mastodon - Link to source
Kay

Strange how in a country with so many tech experts they couldn't find women speakers.

Recently I attended #Kawaiicon2025 a #Cybersecurity / #InfoSec conference in Aotearoa New Zealnd, a country with just over 5Million people living here. They found an assortment credible and interesting speakers who were men or women or nonbinary (NB). Same with panels. And organisers which helps. The participating audience was still more Men than Women or NB but anyone attending would have found peers.
kawaiicon.org/talks/

A fully sponsored Girl Geek Dinner pre-con welcoming event was also held.
kawaiicon.org/con-events/#girl…

Calling out manels (all male panels) is brave work and it's helpful when men do the "Do Better" call.


Hallway con - Kawaiicon 2025

Kawaiicon is more than just the main talk track over the two days. We know a lot of people come to the con to see each other, hangout, and cause some hacker mischief. That is why we have a hallway con.
Kawaiicon 2025
#infosec #cybersecurity #kawaiicon2025
in reply to Lesley Carhart

JW
mastodon - Link to source
JW
My limited understanding, from working in a CIOs office, good cyber security requires a range of skills and ways of thinking, a gaggle of young white blokes will struggle to achieve this.
in reply to Lesley Carhart

Lesley Carhart
mastodon - Link to source
Lesley Carhart
Cybersecurity also isn’t ready for the conversation about how we as an entire industry trick young men into perceiving red team as a way to be legally allowed to be a high tech, vigilante thief and then hire them for crap salaries to write repetitive and futile vulnerability assessment reports.
in reply to Lesley Carhart

Lesley Carhart
mastodon - Link to source
Lesley Carhart
Women and older career switchers are generally not even exposed to red team as an option of interest that they’d be good at using socialized skills, which is kinda crazy when the most ignored people in society who can pretty much walk in anywhere are older women. Instead we portray it like esports.
in reply to Lesley Carhart

Lesley Carhart
mastodon - Link to source
Lesley Carhart
In conclusion this is screwing over everyone except five problematic red team “rock star” seniors in a trench coat.
in reply to Lesley Carhart

Alex
mastodon - Link to source
Alex
I tried looking for youtube videos on red teaming and it is mostly a bunch of white bald guys wearing tactical gear. It is depressing how gatekeepy red teaming is cuz someone like me would be really good at it.

Lesley Carhart reshared this.

in reply to Lesley Carhart

Kim Scheinberg
mastodon - Link to source
Kim Scheinberg

I don't mean to laugh, but this is quite the thread to read while spouse and I are at the tail end of our fifth rewatch of _The Americans_

<insert Margo Martindale gif here>

Lesley Carhart reshared this.

in reply to Lesley Carhart

Dave Wilburn
mastodon - Link to source
Dave Wilburn

This is disappointing. Am I misremembering, or didn't they have several women in previous years? I wonder what changed that allowed this to happen.

I also wonder if the speakers had any insight or awareness, or any opportunity to inquire before they accepted their roles. I'm speculating that it's probably not like a panel (or rather a "manel") where you would know who your fellow co-panelists are, but maybe I'm wrong. But it still leads me to wonder if there's a way to inquire and issue demands after your proposal has been accepted. What's the best practice here for prospective speakers submitting to a CFP or responding to an invite?

in reply to Lesley Carhart

Raccoon🏳️‍🌈
mastodon - Link to source
Raccoon🏳️‍🌈

The sad thing is that penetration testing is fun. It's basically hammering every solution you can think of at a puzzle you can't see, often having to adapt on the fly to information as you get it, especially when you are pulling off physical or social methods.

It honestly should be for everyone.

in reply to Lesley Carhart

Random Damage 🌻
mastodon - Link to source
Random Damage 🌻

this is one of the *advantages* to transitioning over 50.

With very few exceptions I'm not expected to perform femininity in the same way that a woman in her 30's or younger would be, for most people I'm post-sexual and in a different category completely

in reply to Lesley Carhart

Michael Weiss
mastodon - Link to source
Michael Weiss

that's advantageous for those older women who do go into red teaming. If it were a common thing, they'd become suspicious, too.

The stereotype of the young male in the hoodie is very useful for those who aren't any of those things.

Lesley Carhart reshared this.

in reply to Lesley Carhart

Misuse Case
mastodon - Link to source
Misuse Case
Be an older white woman going into somewhere with an expensive purse and you can basically social engineer anything.
in reply to Lesley Carhart

Balthasar
mastodon - Link to source
Balthasar

I once witnessed well-known European red teamers get into a push up contest at a conference after a few beers…

In the industry, a self-perception of “I can hack it, I am so much better than the people who build it”, really feeds into this male ego culture.

I think we need to emphasise our purpose as red teamers is not to show how good we are but to help organisations understand weak spots and attacker behaviour. We should view red teaming as tricky puzzles instead of being a vigilante mercenaries.

in reply to Lesley Carhart

josh g.
mastodon - Link to source
josh g.
"crap salaries" and "futile vuln reports" is discouraging. do exceptions exist? I'm considering a career shift and "break business code" sounds a lot more motivating than "build business code". (my poor ADHD engineering brain is a mess that way)
Unknown parent

Lesley Carhart
mastodon - Link to source
Lesley Carhart
@cR0w Matlock (2025)
@cR0w h0 h0
in reply to Lesley Carhart

Sam Stephens
mastodon - Link to source
Sam Stephens
@cR0w Kathy Bates as a red teamer ❤️❤️❤️. Mind you Kathy Bates as anything, I think I'll watch Matlock and it will only be because of her.
@cR0w h0 h0
in reply to Lesley Carhart

David Pollak
mastodon - Link to source
David Pollak

a mono-culture reduces the set of ideas explored… very bad for red teams…

A mono-culture of well off white men who can confidently walk through high crime areas without worrying (I’m in that group) perceives far fewer threats than marginalized folks. This is a huge negative for red and blue team.

Net-net, it’s fucking stupid not to engage with a broad set of folks when red teaming.

in reply to Lesley Carhart

satire
mastodon - Link to source
satire

I’m not sure it’s wise to use a subtitle that I would have suggested. Well played for slipping it in.

#rimshot #humor #ThreeInOne #NowFour

#humor #rimshot #threeinone #nowfour