Welcome to our Speaker Spotlight series, where we are getting to know some of our past Diana Initiative speakers.

Meet Jasmine Jackson, who presented “How Secure Is This Thing Anyway? A Guide Into Mobile Security and Bug Bounties” at our 2019 event.

jasmine-jackson-headshotJasmine has a Masters in Computer Science and a Graduate Certificate in Information Security and Privacy from the University of North Carolina at Charlotte (UNCC). Her foundation is in web application security but has branched to secure code reviews, mobile and cloud security with additional interests in IoT (Internet of Things). Jasmine’s blog, [PassionForPentesting], started with exploring cyber security topics by solving CTFs (Capture the Flags). The site has now grown to review cyber security training as well as provide guidance to aspiring cyber security professionals. The site has walkthroughs for challenges in web application security, mobile security, and cloud security.

How did you get started in Information/Cyber Security?
I became interested in Information Security when I stumbled into a Yahoo! Group on Cryptography. I started in Information Security in March 2012 when I created my blog, passionforpentesting.com. At the time I worked as a full-stack developer and was looking for a change. I found myself getting frustrated as I was getting rejected for InfoSec positions because I didn’t have the proper skills or certifications. The blog was used as an online portfolio where I solved CTF challenges and provided write-ups for beginners. The blog has grown to discuss certifications and courses that could be beneficial to aspiring InfoSec professionals.

Who inspired you, and why were you inspired by that person?
Dr. Clarence “Skip” Ellis. I was inspired by Dr. Ellis’ story as he was the first African-American to receive a PhD in Computer Science. I had the honor of working with him doing summer research at University of Colorado, Boulder. Listening to his story and trajectory inspired me to be a light and provide guidance for the professionals coming after me.

Why did you choose this industry?
I always tell people I didn’t choose this industry; the industry chose me. I will say, I stay in this industry because I am a life-long learner, and this field is always growing and changing which feeds that part of my personality. Also, I’m a solutions person, and this field has some unique and challenging problems that always keep me on my toes.

Can you share some challenges you’ve faced in your career?
Unfortunately, I have faced plenty. I’ve had to face the “angry black woman” stereotype because I am an assertive woman whereas if I was Caucasian this personality trait would be applauded. Also, I’ve faced adversity where I have not received the same support or opportunities as my Caucasian colleagues even when I had more education and experience than them.

What advice would you give other BIPoC looking to enter this field?
My main advice would be that you would have to be your biggest cheerleader. Also everyone will not understand your journey or process. If you find yourself in a toxic job where you’re not being supported or given the same opportunities to thrive as your coworkers, start making an exit strategy to leave. It’s a motto that my friends and I have – “this is not your pond.” The meaning is that your craft/experience/talent will make room for you. Finally, take jobs/responsibilities that scare you a bit. These are the positions that will make you to grow. There’s no growth in the comfort zone. It’s better to be in the game as opposed to on the sidelines.

Are there any groups that have been supportive or extra helpful on your journey?
Yes, there are plenty of groups. Women’s Society of Cyberjutsu, Cybrary, OWASP, Bugcrowd, and Hackerone. These groups have provided resources, training, and guidance for me when I have questions or concerns.


Thank you Jasmine for sharing your thoughts and experience with us. You can connect with [Jasmine on Twitter].