casey
#infosec | judging CVEs | occasional blogger | she/her | #cybersecurity #womenintech @varcharr@infosec.exchange
Feb 20, 2022 7 tweets 2 min read
Lately I’ve seen so much advice about switching jobs being necessary to get the salary you deserve.

Here’s a 🧵 of questions for companies.

1. How is losing employees, who are so valuable that other companies drastically increase their compensation AND who already know how to provide value to your company, in any way conducive to your financial, growth, culture, etc goals?
Feb 2, 2022 9 tweets 3 min read
Here are the steps I would take if I was new to infosec ⬇️

(and wish I had known when I got started)

✨ 1

Get on infosec Twitter.

There is, hands down, no better exposure to the people, jobs, opportunity, news, skills, etc, than what you’ll find here.

Even if you don’t post, you can keep up with news and learn what others in the field are doing.
Jan 19, 2022 24 tweets 11 min read
✨ 20+ free resources for improving your infosec knowledge & skills ✨

Includes videos, labs, conferences, and more! ⬇️

✨1

HackTheBox

Practice pwning boxes (finding vulnerabilities, exploiting them, using @metasploit, pivoting around systems, getting root, and much more).

hackthebox.com
Jan 19, 2022 6 tweets 2 min read
Technical interview processes can be difficult.

Did you know that there are awesome people who have created resources to help you? ⬇️

1️⃣ De-coding the Technical Interview Process, by @EmmaBostian

technicalinterviews.dev
Jan 18, 2022 4 tweets 1 min read
What would it look like to make interview processes emulate what it’d be like to work with the candidate? Like for somewhere between 30 and 60 minutes, depending on the posed problem, providing the candidate with the type of thing they’d be doing day to day and watch them figure it out. Act like a teammate- they ask a leading question you can answer? Answer it. Let them continue.
Jan 17, 2022 4 tweets 1 min read
I just responded to an email 9 months late so if you think you’re too late to follow up on something, this is me telling you you’re not.

“Thank you so much for reaching out, and again I’m so sorry for probably the latest email response you’ve ever received.”
Jan 14, 2022 11 tweets 3 min read
If getting stuck on picking a hosting platform or stack is stopping you from creating content, don’t let it!

Let’s talk about what to consider and what options you have ⬇️

1. Find time to consider the options.

Don’t try to rush this, because you’ll realize later that other options have potential as well and you’ll get stuck all over again.

So start by carving out time to think about what you want.
Jan 13, 2022 16 tweets 3 min read
Have you heard of OWASP Top 10 but aren’t familiar with it?

Or maybe you knew the 2017 list but not the updated list from 2021?

Let’s talk about it! 🧵 ⬇️

What is the OWASP Top 10?

It outlines the most pertinent risks to web security. The most updated list was released in 2021. 7/10 from the 2017 list were kept (but moved around in rankings), and 3 new risks were added.
Jan 3, 2022 10 tweets 2 min read
Things not normally taught in computer science curriculums that should be included 🧵

This will be a part 2, since I did one of these a little while ago. I recently thought of more things so wanted to do a follow on. If you wanna check out the first one, here it is:
Jan 2, 2022 6 tweets 1 min read
I've spent a lot of time wondering how I didn't spend more time deep diving into fundamentals of my comp sci classes and doing extra projects on the side to better understand what I was learning.

Did I not care? Was I not interested? Did I pick the wrong major? After many years, I've had a realization.

Consider times when you've thought you weren't good enough to do something. In those moments, were you actively accomplishing other things at the same time?

I'm going to guess no.
Jan 2, 2022 9 tweets 2 min read
Not that you need a new year as an excuse to do this, but why not consider it a chance to curate your Twitter feed to better serve you?

Let's talk about how you can do that.

1. Unfollow people who often (or even just sometimes) cause you to have stressed, angry, or upset feelings.

You don't owe anyone a follow. If it's a friend, you can consider letting them know why you've made the choice, but you're not obligated to.
Sep 8, 2021 18 tweets 4 min read
Wanna up your Linux game?

This will be an evolving 🧵 of commands I learn about today and the resources used ⬇️

1. awk

awk is used for text manipulation within the command line.

A common use is specifying what kind of information you want to pull from a file or command output.
Sep 7, 2021 13 tweets 3 min read
Interview advice for people getting into tech 🧵 ⬇️

1. Know main points about the company.

When interviewing all around, this can be hard. But know the main things. Does it make a product? Know what the product is and does. Does the company have a specialty expertise? Know what it is. This is a simple first hurdle to prepare for.
Sep 7, 2021 6 tweets 1 min read
Potentially unpopular opinion:

Patching is not a sustainable security solution. There are two groups impacted here:

1. Infrastructures/orgs/companies/etc

2. Individual users
Aug 28, 2021 4 tweets 1 min read
This.

As an earlier career woman in tech, being told titles don’t matter by men already at the top of the ladder feels so dismissive.

Especially when other conversations revolve around how they “know I’m technical and want others to know it too”.

That’s what titles are for. In fact, I’ve been told that being a technical lead too early (despite being qualified and requested for the position) would make others question if I actually had the technical chops.

That being a TECHNICAL lead would make people question my TECHNICAL abilities.
Aug 27, 2021 12 tweets 2 min read
Let's talk data privacy guilt.

Are we doing enough to protect our data? Are we responsible for our data being collected and used? Is it bad to depend on big tech?

🧵⬇️

Everyone has some amount of awareness, on a scale of little to lots, about how our data is collected and used by the technology we use.

Yes, even the least tech-savvy people. They know that passwords can be stored, they like the ads they see, and map apps require location.
Aug 26, 2021 8 tweets 1 min read
Things not (normally) taught in computer science curriculums that should be included, a 🧵 ⬇️

1. Secure coding

Not just taking off points when students submit code with security flaws, but proactively teaching why certain practices will provide said flaws. Help them recognize insecure coding practices. Understanding security is a critical aspect of sw engineering.
Aug 25, 2021 4 tweets 1 min read
Greatest Hits, the Infosec Remix:

Pinging on a Prayer
Monster Bash
Highway to Shell
We Didn’t Start the Dumpster Fire
Bring Vi to Life

I write /bins not tragedies
Aug 17, 2021 12 tweets 3 min read
Ways to deepen your knowledge of Linux 🧵 ⬇️

Thanks to everyone who shared ideas in this thread, gonna pull out ones I thought sounded particularly useful!
Apr 28, 2020 6 tweets 5 min read
Who are people that those new to & looking to get into infosec should be following?

@hacks4pancakes has lots of resources on her website.

@SwiftOnSecurity for keeping the joy in infosec.

@j_opdenakker has an awesome blog with lots of information about security awareness.

@JBizzle703 has videos related to building your career & more.