You can become a pentester

Yara AlHumaidan (Cybersecurity Principle Consultant) specialises in red-teaming, ethical hacking, and purple teaming. After graduating from a business course at Imam Abdulrahman bin Faisal University, she discovered a curiosity for ethical hacking – and dedicated herself to self-study to begin her career in this space. 

Six years later, she’s rising fast through the industry. We asked her for a quick dose of inspiring for other aspiring pentesters – and here’s what she told us.

The takeaway? No matter where you’re at right now, you can become a pentester if you dedicate yourself to learning. 

What first sparked your interest in ethical hacking?

“My fascination with ethical hacking ignited when I realised the profound impact technology has on society, and the vulnerabilities that come with it. This awareness led me to explore the ethical side of hacking, where I could use my skills to enhance cybersecurity defences and protect against malicious threats.”

What are your proudest achievements in this space so far?

“My proudest achievements in the realm of ethical hacking include successfully identifying a couple of vulnerabilities in products that have been used in the market of technology. Additionally, I take pride in my commitment to continuous learning and staying updated with the latest advancements in cybersecurity technology and tactics.”

Right now, who are the pentesters you're more inspired by?

“There are several renowned pentesters in the cybersecurity community who continue to inspire others with their expertise, innovative approaches, and contributions to the field. Some notable figures include Joanna Rutkowska, Tom Hudson, aboul3la, and Katie Moussouris among others.” 

What advice would you give to someone who wanted to start building their pentesting skills, but didn't know where to begin?

“First, learn the basics. Familiarise yourself with fundamental concepts of computer networking, operating systems, and programming languages like Python, which are commonly used in pentesting. Gain a solid understanding of cybersecurity principles, including common vulnerabilities, attack vectors, and security best practices.

“Enroll in online courses or tutorials specifically focused on penetration testing and ethical hacking. Platforms like Cybrary, Udemy, and Coursera offer excellent resources for beginners. And supplement your learning with books and online blogs dedicated to pentesting and cybersecurity. 

“Engage with the cybersecurity community through forums, online communities, and social media platforms. Participating in discussions and seeking advice from experienced professionals can provide valuable insights and support. And finally, keep practising – pentesting is a constantly evolving field, so make a habit of continuously learning and experimenting with new tools and techniques. Stay curious, stay motivated, and never stop honing your skills.”

Finally, what did you gain from Black Hat MEA 2023?

“Everything was remarkable.

“I gained valuable insights into the latest cybersecurity threats, vulnerabilities, and defensive strategies through presentations, workshops, and networking opportunities. I also was lucky to discover new tools and techniques for ethical hacking and penetration testing, as well as connect with industry experts and peers to exchange knowledge and experiences.” 

Thanks to Yara AlHumaidan at Cyberani. Discover the remarkable experience of Black Hat MEA for yourself – register now.