May 4, 2019

David Scrobonia - Lifelong builder, Appsec Engineer, Creator of ZAP Heads Up Display

From Zero to One, David is a lifelong builder. Wherever he goes, he just builds things. From an electric car to ad hoc Android apps to ZAP HUD, an awesome heads-up display for ZAP Proxy, he's a game-changer, IMHO. We discuss the lack of UX in the security tooling community, how contributing to open source got him his job, and even imposter syndrome.

BIO

David Scrobonia is part of the Security Engineering team at Segment, working to secure modern web apps and AWS infrastructure. He contributes to open source in his spare time and leads development for the OWASP ZAP Heads Up Display project.

Notes

  • Mostly interested in architecture and mechanical engineering when younger.
  • Built his own electric car with his dad, out of a Porsche 914!
  • David explains XSS and why certain languages, such as React, are better than others.
  • David gets lost in El Segundo. Yes.

Quotes

  • "It's just a program that listens to these silly protocols."
  • "I wanted to do more hands-on stuff, [and] quickly fell in love with the coding side as a lot of people do."
  • "I was like... what's GET? What's POST? What do you mean?"
  • "Before you know it, right? It seems so daunting."
  • "Still plenty of opportunities out there. [It] will be a long time before the world is perfect and secure."
  • "I've been working in the security industry, but I didn't really feel part of any security community."
  • "I have nothing but good things to say about the open-source community."
  • "They're (security tools) just not built with user experience first."
  • "I think people underestimate what they are able to contribute."

Links

Getting Into Infosec:

Follow Ayman on Twitter

Breaking IN: A Practical Guide to Starting a Career in Information Security