Coffee Catch Ups: Jakob Pennington
Updated: Jan 29
Jakob Pennington is an Application Security Specialist at Taptu IT . Originally from Renmark, he now lives in Adelaide and is an active member of the Adelaide tech industry. He is a regular presenter on cybersecurity and is a co-organiser of the SecTalks meet up and the HeapsGoodDev events.
Jakob and I sat down over coffee to discuss his upcoming talk at DDD Adelaide on 23 November 2019.
First things first – best coffee shops and what are you drinking?
Long Black here at La Moka – which is just across Peel Street from the Taptu offices. I’d also like to give a shout out to Sublime, their 52 Blend beans are top notch and are a staple at home.
Tell me about your path into the tech industry?
In 2011 I moved to Adelaide – I studied the sciences high school so started a degree majoring in physics and by chance picked a minor in computer science. I found myself enjoying the challenges of programming more and more, so I moved away from physics and majored in comp-sci. In the end I completed honours with a strong focus on Security and the Internet of Things.
After a number of coffee catch-ups with my mentor, I was offered to join Head Full of Heart as a graduate software developer. Early in my career, I was asked what I really enjoyed doing, and given the opportunity to pursue what interested me most. That’s when I started penetration testing, and have since moved into my current role with Taptu as an Application Security Specialist.
That’s not a common job title – what is an Application Security Specialist?
An Application Security Specialist is a cross between a developer and a cyber security specialist. I have expertise in both areas and consult to both sides of the fence to ensure that applications are robust and secure.
What are you most excited about when it comes to the future direction of application security?
I’m looking forward to cybersecurity being more widely integrated into the dev process – not in a separate team but as an integrated part of the team. Rather than focusing on security testing at the end of the software lifecycle, we’ll start including security expertise and testing throughout.
What advice would you give your 18-year-old self?
I could have got involved in the local meet up community earlier. I have benefitted so much from meeting and learning from other passionate cybersecurity people, and getting involved on the organiser side of things has been really rewarding too.
Can you tell us a little about your talk “Shifting Left: DevSecOps as an Approach to Building Secure Products” at DDD?
I will be talking about leveraging DevOps tooling and processes to integrate security testing into your pipeline. In this talk I will discuss my belief that we need to begin security testing from the very beginning of the development lifecycle – and test continuously throughout the product lifespan.
What are the key takeaways from your talk?
If you are a developer and you realise that security is important – there are some really important wins you can get from this talk. I will talk a bit about the tools and techniques a pentester uses when testing web applications, how you can use some of these approaches as a developer, and some tips on incorporating security expertise into a development team.
Which talk are you most looking forward to at DDD Adelaide?
I can’t wait to see Scott Cabot’s talk on accessibility in gaming. He did a similar talk at a meetup recently and I couldn’t make it, but I know he’s done a ton of work on it!
Jakob is presenting at DDD Adelaide is on 23 November 2019 at MOD. Tickets are available now at www.dddadelaide.com/tickets
Encode Talent (www.encodetalent.com.au) is proud to be the coffee cart sponsor of this event.