David Scrobonia - Lifelong builder, Appsec Engineer, Creator of ZAP Heads Up Display

From Getting Into Infosec

Length: 35 minutes
Released: May 3, 2019
Format: Podcast episode

Description

From Zero to One, David is a lifelong builder. Wherever he goes, he just builds things. From an electric car to ad hoc Android apps to ZAP HUD to an awesome heads up display for ZAP Proxy, he's a game-changer, IMHO. We discuss the lack of UX in the security tooling community, how contributing to Open Source got him his job, and even about imposter syndrome.
BIO
David Scrobonia is part of the Security Engineering team at Segment, working to secure modern web apps and AWS infrastructure. He contributes to open source in his spare time and leads development for the OWASP ZAP Heads Up Display project.
Notes

Mostly interested in architecture and mechanical engineering when younger.
Built his own electric car with his dad, out of a Porsche 914!
David explains XSS and why certain languages are better than others, such as React
David gets lost in El Segundo. Yes.

Quotes

"It's just a program that listens to these silly protocols."
"I wanted to do more hands-on stuff, [and] quickly fell in love with the coding side as a lot of people do."
"I was like... what's GET? What's POST? What do you mean?"
"Before you know it, right? It seems so daunting."
"Still plenty of opportunities out there. [It] will be a long time before the world is perfect and secure."
"I've been working in the security industry, but I didn't really feel part of any security community."
"I have nothing but good things to say about the open-source community."
"They're (security tools) just not built with user experience first."
"I think people underestimate what they are able to contribute."

Links

David on Twitter: https://twitter.com/david_scrobonia
Rube Goldberg Machine: https://en.wikipedia.org/wiki/Rube_Goldberg_machine
Dan Boneh's Cryptography Course: https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/
OWASP Appsensor Project: https://www.owasp.org/index.php/OWASP_AppSensor_Project
Zap Proxy Heads Up Display (HUD): https://github.com/zaproxy/zap-hud
Article by David on Zap HUD: https://segment.com/blog/hacking-with-a-heads-up-display/
Brakeman Pro: https://brakemanpro.com/
https://samsclass.info
My talk at Sam's class: https://www.youtube.com/watch?v=KJvPHZGtGdM
Intro: Cascadia by Trash80 (https://trash80.com) Licensed Under Creative Commons
Outro: Cancun by Topher Mohr and Alex Elena

Getting Into Infosec:

Twitter: https://twitter.com/coffeewithayman
YouTube: https://www.youtube.com/channel/UCg6gV_gdfc188HZdN8LUx4A
Book: https://www.amazon.com/Breaking-Step-Step-Starting-Information-ebook/dp/B07N15GTPC/
Titles in the series (62)

Interviews with people who have transitioned and got jobs in #infosec and #cybersecurity so you can learn and be inspired from their experience. There is no linear path into the field of Information Security, so the hope is that you will resonate with at least one of the guests. Some of my guests were teachers, paralegals, librarians, military vets, developers, and IT help desk techs (to name a few) before transitioning. Also featuring "spoof" ads poking fun at the industry.