N-able’s Keiran Smith on Building Better Security Through Development Experience episode artwork

EPISODE · Jan 7, 2025 · 23 MIN

N-able’s Keiran Smith on Building Better Security Through Development Experience

from Ahead of the Breach · host Sprocket

From executing his first SQL injection at age 14 to contributing to the Linux kernel, Keiran Smith’s path to becoming Lead Pentest Engineer at N-able is anything but conventional, as he tells Casey in this episode of Ahead of the Breach. His journey weaves through roles as a senior developer, architect, and DevOps engineer — experiences that transformed him into a security leader who speaks both attacker and defender languages fluently.  Drawing from his extensive software development background, Keiran explains how understanding code makes him a more effective penetration tester and enables him to build stronger relationships with development teams. Armed with Rust-based custom tools and a developer's mindset, he shows how technical expertise paired with engineering empathy creates a more effective approach to security testing. Topics discussed: Bug bounty programs have transformed security testing, creating legitimate paths for aspiring ethical hackers. Understanding code architecture and development processes makes for more effective and impactful security testing results. Creating productive partnerships with development teams by offering solutions rather than just pointing out problems. Essential penetration testing tools, including Burp Suite extensions like Stepper and Hackvertor. Streamlining security documentation with Obsidian, markdown-based notes, and automated report generation through custom CI/CD pipelines. Strategies for tracking and testing constantly evolving attack surfaces in modern development environments. Real-world guidance for newcomers about embracing failure and building strong technical foundations in security. Lessons learned from multiple OSCP certification attempts and why persistence matters more than initial success. How contributing to open source projects like Swagger Jacker and developing custom tools enhances the security community.

From executing his first SQL injection at age 14 to contributing to the Linux kernel, Keiran Smith’s path to becoming Lead Pentest Engineer at N-able is anything but conventional, as he tells Casey in this episode of Ahead of the Breach. His journey weaves through roles as a senior developer, architect, and DevOps engineer — experiences that transformed him into a security leader who speaks both attacker and defender languages fluently.  Drawing from his extensive software development background, Keiran explains how understanding code makes him a more effective penetration tester and enables him to build stronger relationships with development teams. Armed with Rust-based custom tools and a developer’s mindset, he shows how technical expertise paired with engineering empathy creates a more effective approach to security testing. Topics discussed: - Bug bounty programs have transformed security testing, creating legitimate paths for aspiring ethical hackers. - Understanding code architecture and development processes makes for more effective and impactful security testing results. - Creating productive partnerships with development teams by offering solutions rather than just pointing out problems. - Essential penetration testing tools, including Burp Suite extensions like Stepper and Hackvertor. - Streamlining security documentation with Obsidian, markdown-based notes, and automated report generation through custom CI/CD pipelines. - Strategies for tracking and testing constantly evolving attack surfaces in modern development environments. - Real-world guidance for newcomers about embracing failure and building strong technical foundations in security. - Lessons learned from multiple OSCP certification attempts and why persistence matters more than initial success. - How contributing to open source projects like Swagger Jacker and developing custom tools enhances the security community.

NOW PLAYING

N-able’s Keiran Smith on Building Better Security Through Development Experience

0:00 23:59

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Ahead of the Breach?

This episode is 23 minutes long.

When was this Ahead of the Breach episode published?

This episode was published on January 7, 2025.

What is this episode about?

From executing his first SQL injection at age 14 to contributing to the Linux kernel, Keiran Smith’s path to becoming Lead Pentest Engineer at N-able is anything but conventional, as he tells Casey in this episode of Ahead of the Breach. His journey...

Can I download this Ahead of the Breach episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!