Welcome to Bob Theisen's blog
  • Welcome to Bob Theisen's Blog💙
  • Learning Goals for 2024-2025 📚
  • My Teaching Philosophy👨🏽‍🏫 🎤💻
  • My Impact on the World
  • Amplify your learning by building a home lab
  • IP Addressing Simplified
  • Automate All The Things🤖🦾
  • The Age of Empowerment
  • Drones & Cybersecurity 🚁🏴‍☠️
  • Emerging Technology Predictions
  • Educational Walkthroughs & Reviews
    • Hack The Box NetMon Educational Walkthrough
    • Hack The Box Dante Pro Lab Review, Reflection & Resources
    • My HTB CPTS Journey (In Progress)
    • AI Learning Resources for Beginners
    • Reflections from Hack Space Con 2023 🌘
  • Great Godly Resources to Feed Your Soul ✝️
  • Top 5 Cybersecurity Blogs & Podcasts
  • Gaming Reflections, Projects and Modding
    • Get a Starborn Ship early in Starfield (PC)
Powered by GitBook
On this page
  • The Space Coast is Awesome
  • Shoot For the Moon
  • Building Storytelling Skills and Technical Skills isn't so Different in Practice
  • Fundamental Skills are Essential to Long Term Success in Cybersecurity
  • Labors of Love

Was this helpful?

  1. Educational Walkthroughs & Reviews

Reflections from Hack Space Con 2023 🌘

To the moon

PreviousAI Learning Resources for BeginnersNextGreat Godly Resources to Feed Your Soul ✝️

Last updated 1 year ago

Was this helpful?

I got the chance to travel to Kennedy Space Center (KSC) on the beautiful Merrit Island in Florida. At the conference I delivered a free training called Practical Networking Fundamentals and gave a talk called CVE Edu. Though I enjoyed leading my own training and talk, it was the people I met and spent time with that had the most impact on me. In this article I will share all my lessons learned and reflect a bit to share takeaways that you may learn from too. Each header is a different lesson learned.

The Space Coast is Awesome

First of all, the location is undeniably the coolest venue for a Cybersecurity/Hacker conference. There's rockets and spaceships all around with reminders of the rich history of technological breakthroughs that happened in reaching space. This was my first time visiting the space coast and I can certainly see why they call it the space coast. It's not just Kennedy Space Center, other aerospace ventures like Blue Origin, Boeing and Space X have sites in the area.

The conference was held at the The Center for Space Education which is one of the many buildings at the Kennedy Space Center. I personally was expecting the KSC to feel more like a museum but it had a more exciting feel closer to an amusement park. It is the perfect blend of museum and amusement park.

Shoot For the Moon

I originally learned about Hack Space Con via a Twitter post. I knew right away that I was going to make a way to attend. The venue sealed the deal for me but even more important was seeing a rock star group of trainers, speakers and infosec legends scheduled to present and lead training.

Among just a few legends are:

And many more

It would've made sense to have the conference in this building considering the caliber of people that were there:

About a week after I learned about the conference I received an idea.

What if I could teach or talk at the conference?

I went to Hack Space Con's website and submitted my talk idea and structure for CVE EDU. A few days later I get an email from one of the team members responsible for organizing the conference. The email indicates that they are interested in hearing more about my talk idea so we schedule a discussion. In the discussion I share my idea, talk outline, a bit about myself and they decided to put me on the schedule for my talk. Not only that but I was also given the opportunity to deliver my training Practical Network Fundamentals.

Never in a million years did I think one day I'd be sharing knowledge at a conference held at the historic Kennedy Space Center alongside legends in the field. Shoot for the moon and you may end up among the stars is certainly true in this case. If I can do something like this so can you, but you have to put yourself out there and be open to rejection. Do not expect rejection, just know that when you strive to accomplish your vision & dreams you will most certainly run into walls and barriers but ultimately the only way to fail is if you give up so just don't give up!

Building Storytelling Skills and Technical Skills isn't so Different in Practice

The legendary Ed Skoudis was there and he was teaching a free workshop on Story Telling. I had to go.

  • Include numbers, names, odd details and more

We would then go into another round of story telling but try to apply the tips to our story. After that round he gave us higher level tips to apply and we told our stories again. Once the final round of tips and story telling was done each person was given the opportunity to tell their story to the entire group. I volunteered to go first and Eli went second. As Eli and I were preparing we realized that the stories we were telling actually intersected. I was telling the story of how I became a college professor and he was telling his story about he got into the industry. Our stories featured one another and when we individually went in front of the whole group to tell our stories, we included one another to essentially unify our stories.

Our stories built up to the conference and we could connect that in real time. It was a special moment that I will never forget and speaks to the power of helping one another grow not just in the beginning but throughout your career. With enough intentionality you really can grow together and help others along the way, that is what community is all about. That was what Hack Space Con 2023 was all about. Helping each other do and get better!

Fundamental Skills are Essential to Long Term Success in Cybersecurity

A reoccurring theme and conversation that has been going on at least in the circles I am in is:

"How do I break in as a beginner?"

"Is Cybersecurity a beginner field?"

"What skills do I need?"

This deserves a whole dedicated article but I will speak to this based on conversations I had at the conference. At Hack Space Con there was a good number of people seeking to break into the field which is encouraging to see at a conference. More beginners need to go to these conferences because you will gain high quality guidance and contacts from industry pros that attend. Conference organizers, village leaders and industry pros we need to build more tracks for beginners and even develop pipelines into actual jobs. One of the reasons I did my Practical Networking Fundamentals training was because I wanted to help beginners start to lay a foundational understanding of computer networks. I've noticed this is a learning gap that should be filled and one many universities are not doing a very good job with. Lots of college graduates and beginners in the field need to develop a better understanding of how computer networks work and get hands-on experience with vendor-specific equipment to prepare for the job market.

How can you continually secure a network if you have never built or administered one?

Please don't be discouraged by that question if you are a beginner. I am not a gatekeeper, I'm a bridge builder looking out for your best interest. I do not think there's a set number of years you must spend in an IT role. I just think you need some experience at the foundational level of IT before you can effectively start hacking & securing IT systems confidentally. While you are training and aiming for Cybersecurity focused job roles get an IT support/admin role. It's certainly not as sexy, flashy or as high paying but it pays pretty well and it is work where you build skills directly applicable to most technical Cybersecurity positions.

During the training there were some experienced network administrators in the room. When I asked why they chose my training they mentioned

"I just wanted a refresher and to strengthen my foundations."

Others said:

"I chose the training because the description mentioned it was beginner friendly"

What I realized is that most people have not had high quality-structured training on the subject of computer networking. Training companies and educational institutions..... this is an opportunity to build lessons, labs, hands-on exercises and curriculums that will be of great service to people trying to break into and excel in the industry. It is needed and many people don't realize they need to know computer networking. I'm talking beyond packet tracer and theory. I brought over 10 switches and routers with me. You should've seen the security guard's faces as I was pulling my heavy cart onsite at KSC.

Joke:

*secret service slowly approach me while speaking into radios*

"We got a man with an unkempt goatee, very nerdy with a kart full of electronics and a pink amazon box. He needs to be detained immediately."

Most networked computing environments are not cloud-native. They have switches connecting computers together and routers routing traffic to different networks, out to the Internet and in from over the Internet. VLANs are in place segmenting networks. Yes, hybrid-cloud is certainly a thing in a lot of places but there's still physical network infrastructure and pretty complex logical topologies (VLANs galore, trying to segment all the things). Argue with me in the comments if you are seeing something different on your side. Because of this I think we should train and teach more computer networking. It will help in better understanding how cloud networking works as well.

Labors of Love

It was an honor to be part of it and I hope to be part of it next year where we can go even bigger.

It's Not about You... It's about Others

As always, before I end each edition of this newsletter I like to share some good news.

Acts 20:35 AMP reads:

"In everything I showed you [by example] that by working hard in this way you must help the weak and remember the words of the Lord Jesus, that He Himself said, ‘It is more blessed [and brings greater joy] to give than to receive.'"

It is more blessed to give than to receive. This is harder to do than to simply know because it is so much easier to live selfishly. I find it much simpler to just chase money and do what just works best for me and my family but having faith grounds me in a much bigger calling. My family and I are blessed. We believe God takes good care of us therefore we should reach out and help others. One of the main reasons I teach and share what I know is because I believe it is my calling. It is not the best financial decision for me to teach at a community college but it is where I see a great need can be met for people that normally would not be able to receive (afford) a great education. I believe I am called to help learner focused organizations with empowering people to work in this field and live a better life as a result.

I believe everyone has a calling that they are uniquely equipped for and a central part of it involves empowering others to be all they can be in some way.

What is your calling?

Have an amazing week and keep learning!

CISO at BuddoBot Inc & Fantastic Educator

Senior Security Analyst at Black Hills Information Security

President of The SANS Institute

Inventor of countless amazing Hacker Tools (winPEAS, linPEAS & HackTricks)

World Renowned Author

Vice President of Attack Surface

Chief Content Hacker & Sales Director of TCM Security and Creator of IT Career Questions YouTube Channel

(The Cyber Mentor) Founder & CEO of TCM Security

I encouraged one of my former students and close friend (Eli) to attend this conference as well. He also came to this story telling workshop. Prior to this workshop I'd never really considered the importance of story telling nor had I ever intentionally tried to improve my ability to tell stories. Ed Skoudis had us pick a partner (Eli was my story telling partner), a story, and to tell that story in 3 minutes or less. Ed started a 3 minute timer and one person would tell their story to their partner. Once the timer was up another 3 minute timer was started and the other person would tell their story. After the first round Ed taught us some simple tips that could enhance our story. Things like:

That said is a truly talented and gifted individual currently working in a large enterprise IT role. His dream is to work in the aerospace industry (especially for Space X) in an IT/Cybersecurity focused role. He can tell you just about everything about the latest launches coming up, the rockets, companies and technologies being built in the current space race. If any of you reading this is in aerospace and can assist him in fulfilling his dream please reach out to him, I promise you will not regret it.

Shout out to the conference organizers at , they are absolute saints and heroes for making this happen. It was clearly a labor of love focused on being a blessing to others:

I also want to shout out the awesome folks at who are doing incredible work that the world needs to know about.

Whatever it is, actively seek it and you will experience a life that is full of joy, love and just causes ('s term). It won't be easy..... but the fight will be worth fighting.

Jason Haddix
Beau Bullock
Ed Skoudis
Carlos Polop Martin
Phillip Wylie
Jeff Foley
Zach Hill
Heath Adams
Elijah Barbee
Elijah Barbee
Hack Red Con
Ken Nevers
Zachary S Stashis
Daniel Niefeld
Latinas In Cyber
Angela Hill, PMP®
Vanessa Morales
Samantha Bolet, M.S., CIPM
Simon Sinek
The Bug Hunter's Methodology - Application Analysis
Beau Bullock - Black Hills Information SecurityBlack Hills Information Security
Beau Bullock
Ed Skoudis | SANS Institute
Ed Skoudis - President of SANs Institute
GitHub - carlospolop/PEASS-ng: PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)GitHub
Carlos Polop - Creator of PEASS-ng
HackTricksHackTricks
HackTricks
Phillip Wylie - The Pentester Blueprint: A Guide to Becoming a Pentester
Logo
Jeff Foley - Advanced Recon with OWASP Amass video
Logo
Zach Hill - IT Career Questions
Logo
Logo
Ethical Hacking in 12 Hours
Latinas in CyberLatinas in Cyber
Latinas in Cyber
Blue Origin
It wasn't actually held in this building :)
Learning from Ed Skoudis
Lots of networking equipment
Page cover image
Logo