There’s a tension in security work that doesn’t exist in most other engineering disciplines: almost everything interesting is confidential.

The pentest you just finished? NDA’d. The vulnerability you found? Coordinated disclosure with a 90-day embargo. The incident you responded to? Never discuss it publicly.

So the default posture for security engineers is opacity. And it’s understandable.

But I think it’s also a trap.

The Visibility Problem

The most respected security professionals — the ones who get the talks, the consulting calls, the interesting job offers — are almost universally people who have built some kind of public presence. Blog posts, conference talks, open-source tools, Twitter threads that actually teach something.

This isn’t because they’re better engineers. It’s because security (like most fields) runs on trust and pattern recognition. When someone can point to a body of public work, the trust-building that usually takes years of in-person relationship-building can happen at scale, asynchronously.

If you produce nothing public, you’re invisible outside your current organization.

What You Can Actually Share

The NDA and responsible disclosure constraints are real. But they’re narrower than most people assume.

You can’t share: client details, specific vulnerabilities before disclosure, proprietary tooling.

You can share:

  • The class of vulnerability and how to think about it
  • The mental models you use to approach a problem
  • What you learned from a CTF or lab environment
  • Your views on the state of the field
  • What tools you’re building and why

The constraint is specifics, not ideas.

Starting Small

You don’t need a polished blog. You don’t need a personal brand strategy. You need a consistent habit of turning what you learned this week into something shareable.

Write the thing you wish existed when you were learning. Explain a concept to someone two years behind you. Build the tool that solves your own problem and open-source it.

The field desperately needs more people willing to teach in public. The people who do it end up building careers that would be impossible otherwise.