This event’s focus was getting more women to participate in bug bounty programs, as we noticed the community is relatively small. When our industry friends from GitHub and Capital One reached out to HackerOne with the idea to create an event to promote the participation of women in bounty programs, we knew our goals were aligned with this initiative.
Women Are Underrepresented in Cybersecurity
Many of us involved in live hacking events don’t see many women participating. We broke down the communications and general participation in our programs and realized that women are underrepresented in the pool of researchers. We changed the conversation to, “How do we fix that?”
As women in this space, we realized the following to be true:
- There’s a perceived high barrier to entry, and you need to be an expert to participate or be taken seriously.
- Many women won’t apply for a job if they don’t believe they’re 100% qualified.
- We don’t take as much time as we should to make the community more inviting.
We spent the summer planning content and inviting speakers to create a program that could break down some of these barriers. Our goals for the Glass Firewall Conference were to:
- Create an inviting and safe space
- Focus on new and different career options in cybersecurity
- Provide content that can serve as a person’s first walk-through or as a refresher
- Share industry experience from various levels
- Lead an activity to put the skills to use
Breaking Down Barriers
About 60 in-person and virtual participants joined us for our first event. The educational sessions included an introduction to bug bounty and a hands-on Burp Suite introduction. To showcase the various career paths for women in cybersecurity, a panel of women spoke about their journeys, insights, and the immense opportunities in this field.
Tennisha Martin, Founder and Executive Sponsor of Black Girls Hack, taught a session on web vulnerabilities, introducing participants to common vulnerabilities like Cross-Site Scripting (XSS), SQL Injection, Cross-Site Request Forgery (CSRF), and more. Researcher and professor Katie Paxton-Fear also joined for an in-depth introduction to hacking and recon tools and methodology.
We closed the day with a web app capture-the-flag challenge, including a SANS course and NowSecure Academy subscription prizes for the winners.
A thank you to our industry partners — Women’s Society of Cyberjutsu (WSC), Black Girls Hack, Women in Cyber Security, and Women in Security and Privacy (WISP) — for inviting members to participate in this inaugural event.