DEV Community

Play Button Pause Button
Paula
Paula

Posted on

Freedom of Security with Paula de la Hoz

I'm 24 years old, working as a Redteam in Telefonica, based in Madrid. Conding since I was 15, my favorite languages are Python, Bash and C. I love hardware hacking and electronics, and I love building electronics for security, I also enjoy teaching and mentoring.

At the beginning of the talk I will explain the security issues I've faced in my job, mostly when talking to app developers and users, as well as from research.

Towards the middle of the talk I want to introduce how freedom of software has provided many tools to cover those issues and then discuss the importance of open cybersecurity in society. At this point, I'll show off some tools and scripts.

Finally, I want to conclude by providing some security tips for developers, along with guidance on how to help security professionals when auditing their companies.

Here is a download link to the talk slides (PDF)


This talk will be presented as part of CodeLand:Distributed on July 23. After the talk is streamed as part of the conference, it will be added to this post as a recorded video.

Top comments (30)

Collapse
 
marlyn_suarez_ profile image
Marlyn Suarez • Edited

Honestly, I think this is the coolest talk of the day! 💛

Collapse
 
terceranexus6 profile image
Paula

Oh wow thank you! Although I loved all the previous talks as well. I'm glad you enjoyed thank you!

Collapse
 
paulc_creates profile image
Paul Caoile

@terceranexus6 , how did you get into this career and what is required to get into this career?

Collapse
 
terceranexus6 profile image
Paula

I started studying every single day online and actually I posted all my development here in dev.to. I went to all the security events in my country I could afford to go and started to send papers to conferences until they got me, same happened while looking for a job! I'm just passionate about this so I'm happy about studying everyday.

Collapse
 
miriamtocino profile image
Miriam Tocino

That's truly inspiring. 💙

Collapse
 
paulc_creates profile image
Paul Caoile

Thank you, Paula. I will look into your posts.

Collapse
 
omarkhatib profile image
Omar

my love for Computer science was since childhood because of the Anonymous news back then it was a trend. I think a lot of SE/CS also have they inspire from them , also from games. BTW thanks <3.

Collapse
 
terceranexus6 profile image
Paula

Thank you!! yes those media resources are a truly inspiration. I'm a lover of "Hacker files" comic series for example. Thank you for attending :)

Collapse
 
bryantit profile image
Bryant Richards

Is there some kind of sandbox environment to practice these in without messing around with a real website or business?

Collapse
 
terceranexus6 profile image
Paula

Sure! try using hackthissite, portswigger academy and hack the box! you should end up being a pro if you get used to those! ;)

Collapse
 
bryantit profile image
Bryant Richards

Thank you so much!

Collapse
 
info5am profile image
Sam

Great intro to cybersec, thanks, Paula!

Collapse
 
terceranexus6 profile image
Paula

Thank you! It's been difficult for me, I could spend hours talking about it hahaha

Collapse
 
info5am profile image
Sam

Hahah I can imagine that! I am very new to the industry, so I'm very excited to check out your publications :)
I was also curious if you are asked to social engineer the employees as part of the pentest? :D

Thread Thread
 
terceranexus6 profile image
Paula

It depends on the project but I've done it, yes. I speak about it widely in this post. I love social engineering.

Collapse
 
mumbledenoise profile image
mumbledenoise

Loving this security demo!

Collapse
 
terceranexus6 profile image
Paula

Thanks!!

Collapse
 
missgidgy profile image
Gidget

Super interested this talk, as I don't know too much about cybersecurity! What are some good outside resources for people who would like to move into this field from more standard programming? Books, websites, etc.

Collapse
 
terceranexus6 profile image
Paula

Oh well if you are already a programmer thats a big step there you already took. Portswigger academy, hackthissite and Hack the box are really good labs to get into it, and the best way to learn about sec is to go to events from my point of view, because you can have a beer with speakers and discuss their expertise! (with security distance of course ;)) and books, there are some nice books such as the hacker playbook which updates every year, but it kind of depends on what you want to focus on cybersecurity. DM for a more focused advice if you want :)

Collapse
 
miriamtocino profile image
Miriam Tocino

Really nice presentation, Paula.

I loved hearing more about your back story and I just learned about red, blue, and purple teams!!

You mentioned you talk on a radio show in Madrid, right? Where is that? I'd love to check it out. :D

Collapse
 
ruannawrites profile image
Ruanna

Loved your talk & panel! Also, me encanta España y no puedo esperar hasta que es posible a viajar allí de nuevo! 😊

Collapse
 
terceranexus6 profile image
Paula

Let's hope that's soon!

Collapse
 
mumbledenoise profile image
mumbledenoise

Awesome security talk Paula! What's your favorite security tool?

Collapse
 
terceranexus6 profile image
Paula

I love the lower level the best, so openssl and nmap are the absolute winners because I can use them in bash scripting so smoothly!

Some comments may only be visible to logged-in visitors. Sign in to view all comments.