In Conversation with Tribal Qonf Speaker – Santhosh Tuppad
To connect our Tribal Qonf Speakers and Audience better, we decided to interview our Speakers over a few important questions. The result was just amazing. We are sure you will love this.
Geosley: Tell us a little bit about what inspired you to become a tester and fascinated with Security Testing?
Santhosh: If I had to answer this question in one word, then that would be a “Computer”.
The first computer that I laid my hands-on was the “Disc Operating System” where I used to play around with various command-line inputs. Most of my time was spent playing “Prince of Persia” [ Monochrome and not High-Definition like today ] and “F1 Race”. My age during these times was 12.
Nowadays, people know me as a professional ethical hacker/security expert/security researcher / passionate software tester etcetera. However, I got into “Hacking” when I was 16 because I got entered into the “Beautiful Internet”. I grew as an IRC addict [ IRC = Internet Relay Chat ] and my initial hack was to decrypt the credentials of “Dial-up Internet Connection” so that I could use someone else’s account during midnight time when they used to not connect to the internet.
Long story short, professional ethical hacker and software tester is not about getting into it for me; but I already had this in me and I followed what I felt within my visceral. That’s not only about ethical hacking and software testing, because that’s how my life in general works. I do what I love to do and that’s what keeps me lively.
The main inspiration to me was and is myself while everything around me is a catalyst to unlock the potential. I am thankful for everything in this life. It wouldn’t be wrong if this attitude makes me chutzpah.
Geosley: What or who has been the greatest influence in your professional life?
Santhosh: I believe everything that has lived and is living around us influences how I stride.
Geosley: How are you practicing your skills during COVID-19?
Santhosh: COVID-19 doesn’t change my situation. I have been a learner and enjoying what I love doing. I have remained a fan of learning a variety of subjects based on whatever I believe at that moment. Furthermore practicing is something that I have always enjoyed.
As long as I am living, events such as COVID-19 doesn’t change my learning attitude.
Geosley: Why is Security Testing so important in every project and what is scope for the same in the near future?
Santhosh: Are we still discussing this? OMG! I cannot imagine we still ponder over this question even in today’s world. I won’t speak about the future just to become “famous” by using jargon such as “This is the trend, that is the trend” etcetera.
Stop using doors and locks of your houses if you believe that it is not important really
For the very same reason, now think about “ software security ”. You will get an answer 😉 If you still don’t get it, then you have to invest time in learning and thinking.
I don’t want to waste my time explaining this again and again. It’s been over a decade I have explained this to people. I am tired now!
If you trust me, go and test your application security as though someone is breathing down your neck.
Geosley: What advice you give budding and existing Security Testing enthusiasts?
Santhosh: The study, learning, practice, and repeating will take you a long way. Not always you need a “Guru”, you have it inside you and you just got to give it a sweet tap.
Geosley: How will your talk motivate the attendees and one lesson they will carry at the Tribal Qonf ?
Santhosh: I understand that most or some of them will have no experience in security testing / ethical hacking, but I have always been a person who provides examples and makes the topic look easier to assimilate and cement it in their brain. In my talk, everyone will take the first step towards security testing by just observing and understanding the concepts. Yes, it’s about HTTP Headers and I will be focusing on how one can inspect and report misconfiguration of HTTP headers. Also, they will understand the kinds of attacks that can exist if these secure HTTP headers are not configured at all. I promise that it will be fun and a great learning experience for participants. One lesson that they shall carry will be saying the following to their self:
I need not be scared of learning security testing/ethical hacking as I just need to make an effort to take that first step.