In today’s chat, we hold a discussion with one of Ghana’s leading Cybersecurity Expert who has published several articles on the internet and exploits for Google about security. At the time of writing this article, a team he leads on Hack The Box is ranked 27th out of the 270,000 teams across the globe.
Hack The Box is an online platform allowing hackers to test their penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.
With that being said, I know you can’t wait to read more about our guest today, BLAY ABU SAFIAN.
Can you tell us about yourself?
Founder of Inveteck Global, I am an Engineer, a Cyber Security Researcher, Exploit Developer (GHDB-ID: 5340), Certified Penetration Tester and Part-Time Bug Hunter. I studied in China and also a Defcon Attendee. Defcon is one of the world’s largest and most notable hacker conventions held annually in Las Vegas.
I am a member of the Hackthebox platform, which is a pentesting/hacking environment that mimics the real-world environment. I am the team leader of TeamInveteck, which is among the Top 100 teams in the world according to Hackthebox ranking. A member of the internet society and had the privilege of speaking at various events like Owasp Ghana, IoT Network Hub and as well published several security articles on the Internet and exploits for Google.
I took part in the 2019 international CTF competition for Cybersecurity experts organized by SECURITY AND RESEARCH COMMUNITY (SECARMY) in India which saw my team placing 18 out of 1,150. I have helped secure major companies like Caviar, Mailgun, Redox, Ibotta, Admissions Ghana, BYJU’S, etc. and have mentored over 200 plus Cyber enthusiasts internationally mostly in India, Pakistan, The United States, and Russia to name but a few in the past years and still counting.
What is Inveteck Global and what do you seek to achieve?
Inveteck Global is a Ghanaian based security firm that was established by very passionate and problem-solving cybersecurity experts in Asia and Africa that deliver security services to companies. It is important for private and government organizations to protect their brands and reputation from various types of cyberattacks.
We specialize in cybersecurity training, consulting, vulnerability assessment, and penetration testing. Our vision is to provide both small and large companies with an almost 100% security solution, establish a long-lasting relationship with our clients and win together with our clients.
What exactly is Cyber Security?
Cybersecurity, in my opinion, is the protection of data against cyber threats/attacks.
Why Cyber Security amongst the many fields in IT?
I personally choose cybersecurity above all fields because all the fields deal with data one-way or the other. Meaning cybersecurity is needed across all the domains for protection reasons against cyber attacks.
How can any of our readers start his/her career in Cyber Security?
To start a career in cybersecurity, you don’t have to be an expert. What is required of you is just passion, persistence, consistency and the determination to learn along the way. Have the mentality of having no special talent, just being passionately curious to learn and know more that’s all.
Kindly tell us about the various types of Hackers there are.
A black-hat hacker is a hacker who exploits a system for his own personal greed
A white-hat hacker is a hacker who has the permission to exploit a system and report them back to the rightful owners.
A grey-hat hacker is a hacker who falls between the white and blackhat hacker. They exploit the systems without permission but with no malicious intent.
What is the future of Cyber Security in Ghana and is there a strong Cyber Security Community in the country?
Well, cybersecurity itself I believe is still in the baby stage around the globe and talking about Ghana, I don’t think we fully understand “security” that much yet. This makes the future of cybersecurity in our country a bright one. And Yes!!! We do have a couple of cybersecurity communities in the country. The three major ones I’m aware of are TeamInveteck Community, CySec Ghana Community and IoT Network Hub
What job opportunities are available in Cyber Security?
Cyber Security Engineer, Systems Administrator, Network Security Engineer, Cyber Security Analyst, Data Security Analyst, IT Security Engineer, Chief Information Security Officer, Penetration Tester, Cyber Security Consultant, Cyber Security Trainer, etc
You mentioned earlier that you’re a part-time Bug hunter: Can you tell us about that?
A Bug Hunter is a security researcher whose aim is to find security vulnerabilities within applications and report them for a bounty or swag(gift).
First of all, as a bug hunter, I will advise readers to first familiarize themselves with the OWASP’s (Open Web Application Security Project) top 10 vulnerabilities, also read bug hunting reports from HackerOne to understand how others find their bugs. Bugs normally range from P1(severe) ~ P5(low).
Don’t bother trying to find P1 bugs yet. Start with P5(low) bugs first. Find out about the in and out of scope bugs. Find the in scope bugs and report them to licensed platforms like HackerOne, Bugcrowd, Synack, Intigriti. Don’t be hurt when your bug gets marked as a duplicate. Remember let the passion for bug hunting drive you in the beginning.
What advice would you give to our readers on how to protect themselves online?
For everyone who cares about his or her privacy and has a fear of being hacked. My advice is:
- Always use strong passwords. By this, I mean using a combination of letters (uppercase, lowercase), numbers, and symbols. Always enable 2-factor authentication where possible. You should also avoid using just one password for all accounts.
- Be careful with the forms you fill online. Always consider the WWW (who, what and where) your data is going to.
- Ransomware attacks are rife at the moment. Don’t blindly trust emails or open emails from untrusted sources.
What do you do in your leisure time?
During leisure, I’m mostly reading other security research publications and spending most of my time on HACKTHEBOX to sharpen my pen-testing skills. I hardly make time to go out with friends. My leisure time is still behind the screens. In addition to this, mostly I’m thinking of crazy security memes and spam my status on social media platforms just for my audience laugh.
What will be your last words for our readers?
Let passion lead if you really want to get into security. It takes time for clients or people to believe and work with you. Don’t expect to be great in just a day after learning some few cybersecurity tricks.
At this juncture, I hope we have all learned a thing or two from this discussion and for anyone who wants to delve into Cybersecurity, there is more than enough reason to first go into this field and as well be a master. You can get in touch with Inveteck Global through the following means.
Phone Number: +233 20 236 6048
Location: 25/1 Central Ashaley Botwe Assemblies (Same building with Fidel Pharmacy)
Pen-testing– an authorized simulated cyberattack on a computer system performed to evaluate the security of the system.
Cyber– a combined form meaning “computer,” “computer networks,” or “virtual reality,” used in the formation of compound words(cybertalk; cybersecurity; cyberspace, etc).
Ransomeware– a type of malicious software designed to block access of legitimate users to their system until a sum of money is paid by the user(s).
Thanks for making time out to read this article, sharing is caring so you can go ahead and use the social media sharing links below to share with your circle of friends.
You can follow Micro Tek Solutions on the following social media platforms, Facebook, Twitter, and Instagram. You can join our Telegram Channel and Whatsapp Group as well for updates. You can also contact the Editor on firstname.lastname@example.org or +233 24 568 3810