Recently, I spoke with Stu and Dave, the founders of The Many Hats Club. I'd seen quite a few people talking about it on social media, so I wanted to find out what all the fuss was about. Here is how our conversation went:
Joe Pettit: Let's get started. Can you tell me a bit about The Many Hats Club? How did it come about?
Stu: Myself and Dave were on a thread talking about Steak and Infosec, and out of the back of this we decided to take the conversation off Twitter. We ran a poll to choose a platform, discord, slack and discourse. Discord won by a clear majority When we started we wanted to bring some of the Twitter Infosec community to The Many Hats Club. However, within the first week, we were very surprised by how many people joined!
JP: So, you've created a platform for folks to talk about steak and Infosec?! How did you appeal to the community? What was the pitch?
Stu: The origins although unconventional seemed to appeal at the time. The idea was (and is), to create a community where anyone, regardless of background, can learn, share information and connect with like-minded Infosec professionals. Today from our beginning six months ago, we've had over 1,600 members from leading researchers to professionals, hackers, and many noobs and students join. What's really unique about our community is the weekly live talks from guest speakers that are recorded and shared with the wider community. This initiative that started only three months ago has really propelled the growth and overall value we offer our members.
JP: That's great to hear. I guess you get a wide range of contributors as you cover so many hats. What value do you think black hats provide white hats and vice versa. What are you hoping to achieve?
Stu: We are now offering technical workshops like how to build labs, honeypots, etc. And have an invite-only research server. The idea is to bring all communities together. However, we don't condone any form of illegal activities! Additionally, there have been some interesting stories shared by previous black hats who have been through a path of redemption. This is where I think there is a value, that is, understanding the attacker mind-set.
Dave: No matter their hat color, each person brings with them their knowledge, expertise, or desire to learn. I think the aim is to have a friendly place where anyone can capitalize on the expanding wealth of knowledge available in there.
Stu: To add to this, if you create a positive environment where people can share, this makes for a great environment to collaborate or learn with each other!
In addition, we've managed to create not only a strong culture within TMHC but a sense of identity and belonging to something that is trying to make a positive change. We are even planning for our first conference this year, something that we’d never even thought would be possible. I think this is what makes us stand out, that everyone no matter their level of experience or background wants to be part of this. They see the potential and actively contribute to make it better every day!
JP: I like the approach. My main concern would be that those who carry out illegal activities may encourage others to do. But if you have great stories about previous black hats, that would be great to share with the community. Often, the people who get caught up in illegal activity are in their teens/early twenties, so perhaps a viewpoint from someone who has been there would be beneficial to your audience and the whole community.
Stu: I'd say that although we offer an open opportunity for every background (or many hats), our focus is on the white hat community and prevention of criminal activities. Every step is taken to prevent the recruiting of young hackers, who can be easily persuaded to join the "Dark Side!" Open dialog is the key. And being inspired by others who have maybe already walked over the fire and who can provide that type guidance or mentoring.
JP: How do people sign up to join? How do you select your weekly speakers?
Dave: We're currently on open invite at the moment, so anyone can join via the link on https://themanyhats.club/invite. If we ever decide to close up for a bit, however, we can both easily be reached via Twitter, and we also always tweet a link valid up to 24 hours before a talk.
Stu: In terms of speakers, we reach out to the Twitter community to find speakers that cover a range of topics from malware research, social engineering, hacking, OSINT, OPSEC, and leadership. We've had everyone from @paperghost, @Jenny_Radcliffe, and @kim_crawley to @fwosar, @HydeNS33k, and @sleepycal. We also have in-community talks from myself, @proxyblue, @zuphzuph and many others!
JP: That sounds really cool. I like your ethos, and it's great you cover such a range of topics. There is so much to learn, and the best way to do it is from others in the industry. Before I go, do you have anything else you would like to add?
Stu: Yes, you are as only good as your team, and we are lucky to have an awesome team of people that give up their spare time to support our community! Me and Dave would like to thank @SyrusActual, @notameadow, @BranndonEPike, @PolarToffee, @proxyblue, @CyberPathogens and all of our admins, for without their support and dedication, the community wouldn't be thriving like it is today!
JP: Thanks for the chat today – I look forward to seeing more of TMHC in the future.
