From Chokeslams To Pwnage: Phillip Wylie Shares His Journey From Pro Wrestling To Offensive Security

Cybersecurity is a lucrative career, but knowing which path to follow to break into the industry can be daunting for fresh graduates, enthusiasts, and those switching careers. Not to mention, actually taking the plunge and getting into the industry, especially when coming from a non-traditional background, is a discussion in itself. Fortunately, many inspiring cybersecurity professionals break the illusion that you need to follow a specific path to have a career in this industry. Phillip Wylie has one of the more interesting and inspiring stories of going into cybersecurity and becoming a valued professional, mentor, and teacher. He has been part of the industry since the late 1990s but, before then, he was actually a pro wrestler and even wrestled a bear! Today, Phillip wrestles with issues of accessibility of cybersecurity education by teaching ethical hacking and web app pentesting at Dallas College and running The Pwn School Project, in addition to working as a Senior Cloud Penetration Tester. We jumped into the ring with Phillip to hear his backstory, which skills transferred from his pro wrestling career to cybersecurity, the importance of mentorship in the industry, and his advice to people that want to start on his path. SecurityTrails: You've been in offensive security for over a decade now, but you had an interesting career prior to that. We need to ask about your wrestling career, especially bear wrestling! Can you tell us a little about that part of your life? What was it like to wrestle a bear? Phillip Wylie: When I graduated high school, I did not know what I wanted to do for a career. As a powerlifter and a big muscular guy, my friends said I should be a professional wrestler. I liked the idea and pursued a wrestling career. I attended two different wrestling schools and wrestled for a couple of years. I got to wrestle some very well known wrestlers, including Mick Folley, who wrestled in Texas as Cactus Jack. I also wrestled two of the three Fabulous Freebirds tag team trio, The Road Warriors, The Rock n Roll Express, The Midnight Express, and the Samoan SWAT Team, who happened to be related to Dwayne The Rock Johnson. I did not wrestle often enough to make a living, so my main job was working as a bouncer at a nightclub in my hometown of Denton, TX. The nightclub hosted special events on Sundays, and they decided to bring in a wrestling bear. The nightclub manager asked me to wrestle the bear to help boost attendance of the event since I was a pro wrestler and known by the nightclub patrons. Wrestling the bear was open to anyone that wanted to. The bear was named Sampson and was a 750-pound brown bear. People always ask me who won, and the answer is the bear. ST: There is an interesting parallel between professional wrestling and offensive security, are there any lessons you learned from wrestling and applied to your infosec career? Phillip: The biggest parallel I can draw between pro wrestling and offensive security is the social engineering part of offensive security. Wrestling has become known as sports entertainment since wrestling federations shared that it was not real. With social engineering, you become who you portray during pretexting, much like acting in pro wrestling. Real wrestling and martial arts can also have parallels drawn between them and offensive security. Discovering an opponent's weaknesses and exploiting them is a great example, much like how you find vulnerabilities and exploit/hack them. Focus on the learning. If you don't learn the subject, the certification or degree is not as useful. The degree or cert is nice to have, but if you don't know what you are doing, you will have a more difficult time. ST: How did you discover information security and what did your early days look like? Phillip: My first experience with information security was working for Intrusion, Inc. in early 2000s providing technical support for Linux-based firewall and VPN appliances and a vulnerability scannin...