December 8, 2022
by Hacker Valley Blue
Angela Saccone, Community Manager at MetaCTF, Cyber Competitions Coordinator at Women’s Society of Cyberjutsu, and Youtube Content Creator, joins the pod this week to talk about content of all kinds— from cyber competitions to online courses, k-pop dance videos to Python programming videos. Angela talks about her experiences from a red and a blue perspective, her drive to educate future cybersecurity practitioners, and why it's important to be transparent about the daily routine of cyber professionals.
[00:00] Getting involved in cyber with a communication-focused mindset
[10:18] Falling in love with blue team & red team aspects of the cyber field
[18:23] Collaborating in cyber competitions for Cyberjutsu
[26:11] Mentoring the next generation of purple teamers
[35:55] Learning something new with cloud software & purple teaming
Thank you to our friends at Axonius and PlexTrac for sponsoring this episode!
The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley
PlexTrac, the Proactive Cybersecurity Management Platform, brings red and blue teams together for better collaboration and communication. Check them out at plextrac.com/hackervalley
Did you learn anything while being in CIO/CISO type roles that helped you better understand how to communicate with management and c-level executives?
Working with upper-level management and c-level executives early in her career gave Angela a unique perspective on the importance of communication. Instead of focusing too heavily on jargon and technology-heavy vocabulary, Angela takes a more personalized, understanding tone with her c-level interactions. Bring those technical concepts into real-world examples in order to achieve that effective communication from the practitioner level through the c-suite.
“We're all in this together. That sounds so cheesy, but that's really what it is, at the end of the day. Communicating is really important, and also, don’t use so much jargon. You have to learn how to bring technical concepts into everyday plain English. That's not easy, but it's a skill.”
When you had those purple team exercises, how much more of a benefit was that as opposed to when you're just working with your individual team?
Cyber competitions were Angela’s gateway drug to purple teaming. Experiencing such a collaborative yet competitive environment taught Angela to think in terms of real-world scenarios for red and blue team exercises. She learned to push her perspective beyond her individual team and consider each side of the red vs blue debate, which has made her a more well-rounded, collaborative, and educated cyber practitioner.
“If I'm blue, I need to think red. I need to think about how they're getting in. How are they getting privilege escalation? With the red team, we need to think blue, in my opinion, because we need to think about: How are they defending? We need to dig in deeper.”
What inspired you to start cyber content creation with your YouTube channel?
Angela was originally exposed to content creation through MetaCTF, who asked her to create CTF walkthroughs on their YouTube channel. What started off as an experiment in expertise became a major passion for Angela, who was bitten by the content creator bug. She’s since adapted her YouTube channel to focus on day-in-the-life vlogs and videos about her career as a community manager and her volunteer work with the Women’s Society of Cyberjutsu.
“I've always been this example for my social media audience, and even in person, where people are always asking me for help on cyber concepts. Instead of me just verbally saying it, I feel like video is the next best thing. It was really just to help people and also help myself.”
What advice would you give someone in tech looking to transition into a purple teaming, collaborative environment?
Although the idea of entering an environment that’s collaborative might be daunting to those who have spent time in the red vs blue silo, Angela advocates for practitioners to always learn and grow. Expanding your knowledge and opening your mind to new experiences helps you achieve a new level with your career. Leveling up together should be the goal for all cybersecurity practitioners, regardless of if you’re red, blue, or somewhere in between.
“We have so many different resources to help people get involved, so it's good to just not be afraid. I know it's easier said than done but don't be afraid to fail and don't be afraid to succeed as well. Own it. Own those small victories, every small win is a win.”
Watch the live recording of this show on our YouTube
Continue the conversation by joining our Discord
Daniel Borges, Senior Red Team Engineer at CrowdStrike and author of Adversarial Tradecraft in Cybersecurity, brings his unique perspectives on learning, training, and failure to the pod. Collaboration is key in any purple team, and Dan believes coll...
Jorge Orchilles, Chief Technology Officer at SCYTHE and Principal SANS Instructor, brings his expertise in purple teaming to the pod this week to talk about the uniquely human and the understandably technical parts of red and blue collaboration. As t...
Angela Saccone, Community Manager at MetaCTF, Cyber Competitions Coordinator at Women’s Society of Cyberjutsu, and Youtube Content Creator, joins the pod this week to talk about content of all kinds— from cyber competitions to online courses, k-pop d...
Eric Thomas, Detection & Response Engineer at HD Supply, brings his 15 years of experience in tech and cyber to the show this week to discuss collaboration— the most essential piece of the purple team formula. Eric walks us through his day-to-day rou...
Nick Popovich, Hacker in Residence at PlexTrac, drops by to say hi to the Hacker Valley crew and give some insight into PlexTrac’s purple teaming services. Starting his career in offensive security as a pen tester, Nick gained great insight into purp...
Alexia Crumpton, Lead Cybersecurity Engineer at MITRE, joins the pod this week to cover leaving the old ways of cybersecurity behind to embrace the new generation. As both an engineer with MITRE and an educator for future cybersecurity practitioners,...
Bryson Bort, CEO and Founder of SCYTHE, dons his unicorn getup and joins the pod this week to talk about purple teaming and building businesses with community in mind. After founding GRIMM, his first company, Bryson wanted to carve a path of purple t...
In this episode, we’re joined by Maril Vernon. Maril is a purple team lead and co-host of the Cyber Queens Podcast. From a background in marketing, Maril’s natural curiosity and determination lead her to a new career in cybersecurity with the Air Nat...
In this episode, host Davin is joined by Tyson Supasatit, the Director of Product Marketing at Uptycs, to discuss how Upytcs is leveraging the MITRE D3FEND framework to further build upon their defensive capabilities. Tyson shares how Uptycs utilizes...
In this episode of Hacker Valley Blue, host Davin is joined by McKenna Yeakey, a Corporate Security Engineer at Plaid, to discuss the importance of human-centric security. Mckenna explores the “human” aspects of her job and why end user impact plays ...