Start here

It has been 18 years since I started working, and most of it is in infosec (around 16 years).

Not everything was hunky-dory in this journey, however.

praises, brickbats, warts and all - that's my journey.

Who am I? And why I am blabbering about it, here, in public?

This blog is a collection of posts, from my past to my present and future self. An observation of all things infosec around me.

However, it could also be useful for penetration testers, security auditors, security risk assessors, and decision makers.

It could be useful to you, if ...

You are a pentester and want to know what other things you can do?
You are a pentester and wonder how you can add value.
You happen to be a security auditor and wonder if you could become a pentester and what it entails?
You have been wanting to become a security auditor or a risk assessor but need a taste of what it entails?
You want to make a switch into security.
You want to understand infosec in a top-down manner.
You want to know what is this 'top-down' manner all about.
You want to be a CISO and want to read more about what it entails.

If you are a pentester, here are some posts.

I have observed security leaders and have gathered some tips. Here they are.

If you are auditor or risk assessor, here are some food for thought.

At the intersection of pentest, auditing, risk management and career advice. Musings based on real experiences, not theory. All infosec, mashed up.

‎Follow the Risky Context channel on WhatsApp (if WhatsApp is your thing. Your number is not shared with others when you connect to my channel): https://whatsapp.com/channel/0029VaDqrFU8aKvQohD5nq0r

Sign up for Risky Context