324 строки
22 KiB
Markdown
324 строки
22 KiB
Markdown
# TOPHER TEBOW
|
||
## CYBER THREAT HUNTER
|
||
See application for contact details.
|
||
***
|
||
## SUMMARY
|
||
- Experienced Cybersecurity Professional with 10+ years of expertise in web application security, endpoint threat detection, and threat intelligence.
|
||
- Multiple certifications, including cybersecurity analysis, penetration testing, and network security.
|
||
- Experienced in cross-platform detection and analysis, including Windows, Linux, and macOS.
|
||
- Well-versed in malware and vulnerability analysis techniques and tools.
|
||
- Strong experience in fast-paced environments that require speedy and accurate analysis and remediation.
|
||
- Ability to communicate highly technical concepts and details to a variety of audiences.
|
||
***
|
||
## CERTIFICATIONS
|
||
### Security
|
||
Certification | Issuing Organization | Certification Number
|
||
------------ | ------------- | -------------
|
||
Systems Security Certified Professional (SSCP) | International Information System Security Certification Consortium (ISC2) | 2002157
|
||
CySA+ | CompTIA | 25QPHQLT22EEQ33K
|
||
PenTest+ | CompTIA | F5W66WNT1EE4QWW8
|
||
Security+ | CompTIA | 3WZQEMXSNEBE195G
|
||
Network+ | CompTIA | QMTV1HBQPJR1Q39J
|
||
A+ | CompTIA | YSP0KKEYBBE41MK8
|
||
Linux Essentials | Linux Professional Institute | 5agtvrf82v
|
||
|
||
### Project & IT
|
||
Certification | Issuing Organization | Certification Number
|
||
------------ | ------------- | -------------
|
||
Certificate in IT Service Management | ITIL Foundation | GR671340266BT
|
||
Six Sigma Green Belt | The Council for Six Sigma Certification (CSSC) | PEqbg5qYw7
|
||
Project+ | CompTIA | 2YFXP64YLBFEQ535
|
||
***
|
||
## TECHNICAL SKILLS OVERVIEW
|
||
### Cybersecurity Frameworks & Standards
|
||
- NIST CSF, MITRE ATT&CK, PCI DSS, SOC2, ISO 27001, CIS, OWWASP Web Security Testing
|
||
### Threat Intelligence & Monitoring
|
||
- __Threat Intelligence Technologies:__ ThreatConnect, Anomaly ThreatStream, IntSights, VirusTotal, AT&T AlienVault, IBM X-Force, Microsoft Defender Threat Intelligence, Wordfence Intelligence
|
||
- __Threat Intelligence Standards:__ STIX, TAXII
|
||
- __Monitoring, SIEM, & SOAR Tools:__ Google Chronicle, Siemplify, QRadar, Snort, Cortex XSOAR, Grafana, Kibana, Splunk, ThreatConnect, Elastic SIEM, Elastic Stack, Logstash
|
||
- __OSINT Tools:__ Maltego, Shodan
|
||
### Penetration Testing & Vulnerability Assessment
|
||
- __DAST Tools:__ Burp Suite, OWASP ZAP, Nmap, Wireshark, BeEF, SQLmap, Metasploit
|
||
- __SAST Tools:__ TrueCode, Veracode
|
||
### Malware Analysis & Detection
|
||
- __Analysis Tools:__ Cuckoo Sandbox, Procmon, Process Hacker, ANY.run, IDA Pro, X64dbg, Radare2, Ghidra, Hybrid Analysis, Joe Sandbox
|
||
- __Detection Engines:__ YARA, HyperScan, ClamAV, Acronis
|
||
### Development & Automation
|
||
- __Programming & Scripting:__ Bash, PowerShell, Batch, Python, Perl, JavaScript, PHP, Lua, C, C#, Go, Rest API, Regular Expressions (Regex)
|
||
- __Web & Design Frameworks:__ jQuery, Laravel, Angular, Bootstrap, Tailwind
|
||
### Cloud & Virtualization Technologies
|
||
- __Cloud Platforms:__ Amazon Web Services (AWS), Azure
|
||
- __Virtualization & Containerization:__ Hyper-V, VMWare, VirtualBox, QEMU, oVirt, KVM, Virt-manager, Kubernetes, Docker, Vagrant
|
||
### Operating Systems and Web Servers
|
||
- Linux, macOS, Windows, Android, iOS, Apache, IIS, Nginx
|
||
### Database Management
|
||
- MySQL, SQL Server, MariaDB, SQLite, PostgreSQL
|
||
### Collaboration Tools
|
||
- Jira, Confluence, Git, GitHub, Bitbucket
|
||
***
|
||
## EDUCATION & HONORS
|
||
### Western Governors University
|
||
#### Bachelor of Science in Cybersecurity and Information Assurance
|
||
##### Oct 2021 - Jul 2024
|
||
- I obtained a B.S. degree in Cybersecurity and Information Assurance.
|
||
- I was awarded the Excellence Award for my work in Emerging Technologies in Cybersecurity.
|
||
### Scottsdale School of Film & Theater
|
||
#### Associate of Arts in Film Production
|
||
##### Jan 2012 - Jun 2015
|
||
- I studied all aspects of film and television production, from scriptwriting and pre-production, to crew positions on set, and the post-production process.
|
||
- I obtained 82 credit units toward an A.A. degree.
|
||
### Order of the Sword & Shield
|
||
The Order of the Sword & Shield National Honor Society is the largest and most respected organization representing the Homeland Security, Intelligence, Emergency Management, Cyber and Information Security, and all Protective Security disciplines.
|
||
### National Society of Leadership and Success
|
||
The NSLS is an organization that provides a life-changing leadership program that helps students achieve personal growth, career success, and empowers them to have a positive impact in their community.
|
||
***
|
||
## Community Involvement
|
||
### InfraGard
|
||
#### Phoenix, AZ
|
||
##### Feb 2020 - Present
|
||
InfraGard is a partnership between the private sector and the FBI, fostering public-private collaboration to protect critical infrastructure better.
|
||
|
||
### Arizona Cyber Threat Response Alliance (ACTRA)
|
||
#### Phoenix, AZ
|
||
##### Feb 2020 - Present
|
||
ACTRA leverages public and private cross-sector resources to more effectively analize critical and real-time intelligence, and respond to cyber threats.
|
||
|
||
### EXITNODE
|
||
#### Phoenix, AZ
|
||
##### August 2024 - Present
|
||
EXITNODE connects tech enthusiasts with a passion for connecting with others and providing a network of support for new engineers. The philosophy is rooted in accessibility and diversity, welcoming anyone with a passion for technology.
|
||
|
||
### Open Cybersecurity Alliance
|
||
#### Phoenix, AZ
|
||
##### April 2020 - Present
|
||
OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations.
|
||
|
||
### Filigran Community
|
||
#### Phoenix, AZ
|
||
##### July 2019 - Present
|
||
The Filigran community is a public collaborative of cybersecurity professionals working to to provide cybersecurity and crisis management teams with the best possible software fueled by actionable threat intelligence.
|
||
|
||
### CTI League
|
||
#### Phoenix, AZ
|
||
##### Mar 2020 - Present
|
||
The CTI League, an all-volunteer non-profit group that focuses on aggressively dismantling cyber criminal infrastructure and protecting healthcare organizations against cyber attacks.
|
||
|
||
### DC602
|
||
#### Phoenix, AZ
|
||
##### Aug 2018 - Present
|
||
DC602 is a gathering point for those interested in alternate applications of modern technology, providing a space to discuss technology and security topics.
|
||
|
||
### DC480
|
||
#### Phoenix, AZ
|
||
##### Aug 2018 - Present
|
||
DC480 is a group of hackers, infosec professionals, and learners new to cybersecurity, coming together to learn and share experiences in cybersecurity.
|
||
|
||
### PHX2600
|
||
#### Phoenix, AZ
|
||
##### Feb 2015 - Present
|
||
PHX2600 is a group of hackers and technology enthusiasts who gather monthly to discuss code, tech, and other hacking related topics.
|
||
***
|
||
### PROFESSIONAL EXPERIENCE
|
||
#### Cybersecurity Analyst - Threat Hunter
|
||
##### Hybrid, Tempe, AZ
|
||
- Play a critical role in analysis of disparate information and synthesizing into relevant actionable intelligence.
|
||
- Ability to deliver accurate, timely and professional intelligence products.
|
||
- Support investigative efforts within the CSOC and the Security Organization.
|
||
- Capable communicator that can engage others both internally and externally to protect the company’s critical assets.
|
||
- Interface with peer departments across the firm.
|
||
- Build positive and productive relationships with the business and technology.
|
||
- Ability to securely share actionable intelligence internally and externally while maintaining TLP.
|
||
|
||
#### Cybersecurity Analyst & Technical Writer
|
||
##### Remote, U.S.
|
||
- Collaboratively identified emerging cyber threats with a team of analysts and researchers.
|
||
- Wrote 223 threat descriptions for the Microsoft Threat Encyclopedia, ensuring accuracy and completeness.
|
||
- Reviewed and refined 45 threat analytics reports for the Microsoft Defender Threat Intelligence platform, maintaining Microsoft's standard for accuracy and clarity.
|
||
- Conducted additional research to supplement researcher data, ensuring a holistic understanding of threats.
|
||
- Elevated team knowledge on cybersecurity threats through meticulous research and documentation.
|
||
- Drove team collaboration to pinpoint and document evolving cyber threats.
|
||
|
||
#### Threat Researcher
|
||
##### Defiant
|
||
###### Remote, U.S.
|
||
- Identified and documented potential threats through log review, penetration testing, and research resources.
|
||
- Utilized tools like Burp Suite and ZAP to identify vulnerabilities in web applications.
|
||
- Used the MITRE ATT&CK framework and OWASP Top 10 to help analyze and categorize web threats.
|
||
- Drove threat awareness by producing key educational resources for identified threats.
|
||
- Boosted Defiant's threat intelligence by uncovering new trends in cybersecurity and publishing them to the Wordfence Intelligence platform.
|
||
- Contributed to multimedia production for educational videos, promoting cybersecurity awareness.
|
||
|
||
#### Senior Cyber Security Researcher
|
||
##### Acronis
|
||
###### Tempe, AZ
|
||
- Worked as a Cyber Protection Operations Center (CPOC) member to monitor and respond to alerts from AI, behavioral, and static detections across all endpoints using Acronis Cyber Protect products.
|
||
- Utilized regex and behavioral analysis to write malware detection rules for Acronis’ custom detection engine, significantly reducing risks to Windows, macOS, and Linux systems.
|
||
- Made use of custom scripts to perform penetration testing on desktop applications to identify vulnerabilities in Windows, macOS, and Linux applications.
|
||
- Analyzed emerging threats, utilizing tools such as Procmon, Process Hacker, IDA Pro, X64dbg, Radare2, Cuckoo Sandbox, ANY run, and VirusTotal to craft detection strategies that preemptively neutralize risks.
|
||
- Led a cross-functional team to educate stakeholders through videos on emerging threats and best practices.
|
||
- Authored technical blog posts, enhancing the company's reputation in the cybersecurity field.
|
||
- Strengthened community relationships, facilitating the exchange of crucial threat intelligence.
|
||
|
||
#### Manager, Web Security Research
|
||
##### SiteLock
|
||
###### Scottsdale, AZ
|
||
- Spearheaded the training and development of new analysts, fostering a collaborative work environment.
|
||
- Monitored the alert queues to ensure web threats on client websites were addressed quickly and accurately.
|
||
- Pioneered the optimization of processes and tools, improving efficiency.
|
||
- Contributed to security patch backporting and malware detection rule writing.
|
||
- Managed a machine learning project, showcasing innovative thinking to improve malware identification by 12%.
|
||
- Authored technical and thought leadership articles, exhibiting an analytical understanding of industry trends.
|
||
- Analyzed emerging malware trends, improving the company’s threat intelligence stance.
|
||
|
||
#### Web Vulnerability Research Analyst II
|
||
##### SiteLock
|
||
###### Scottsdale, AZ
|
||
- Spearheaded security patch reviews in content management systems (CMSs), ensuring optimal system integrity.
|
||
- Pioneered the backporting of patches to older versions, maintaining system functionality.
|
||
- Constructed comprehensive test cases using Vagrant and Docker, validating patch compatibility with former application versions.
|
||
- Analyzed web threats through code review and penetration testing, using tools like Burp Suite, ZAP, and Metasploit, to ensure robust system security.
|
||
- Evaluated CMS security, leading to the identification and mitigation of new vulnerabilities.
|
||
|
||
#### Web Security Research Analyst II
|
||
##### SiteLock
|
||
###### Scottsdale, AZ
|
||
- Managed alert queues to quickly mitigate emerging web threats on customer websites.
|
||
- Led malware analysis and signature creation for enhanced web security.
|
||
- Performed penetration testing on web applications to identify vulnerabilities, making use of tools like Burp Suite, ZAP, BeEF, Nmap, and Metasploit.
|
||
- Initiated a malware trend-tracking program, improving threat prediction accuracy.
|
||
- Developed and managed a suite of tools, optimizing company-wide processes.
|
||
- Launched a company podcast, significantly boosting brand visibility through creative media.
|
||
- Maintained team server and applications, ensuring optimal performance.
|
||
|
||
#### Lead Web Security Analyst
|
||
##### SiteLock
|
||
###### Scottsdale, AZ
|
||
- Spearheaded team development and mentoring initiatives, including updating and developing processes and procedures.
|
||
- Innovated a new team division to enhance customer service and internal career progression.
|
||
- Monitored and managed alert queues to ensure customer websites were cleaned of malware quickly and accurately.
|
||
- Collaborated with IT and compliance teams to ensure cybersecurity policies aligned with regulatory requirements like SOC2 and PCI DSS.
|
||
- Managed and updated the knowledge base, ensuring accurate and updated information.
|
||
- Redesigned new hire training materials, elevating departmental knowledge and skills.
|
||
- Delivered technical training to new hires, fostering a proficient and competent workforce.
|
||
- Mentored 10+ analysts, elevating team performance and career growth.
|
||
|
||
#### Web Security Analyst II
|
||
##### SiteLock
|
||
###### Scottsdale, AZ
|
||
- Managed alert queues to quickly eradicate malware from customer websites.
|
||
- Identified and eliminated web threats using code review and penetration testing.
|
||
- Advised and educated customers on best practices and processes for updating web content filtering.
|
||
- Streamlined operations via innovative applications in PHP and JavaScript.
|
||
- Mastered multiple programming languages and database formats for comprehensive threat analysis.
|
||
- Implemented effective problem-solving strategies to ensure website security.
|
||
|
||
#### Hosting Support
|
||
##### Go Daddy
|
||
###### Gilbert, AZ
|
||
- Assisted customers with troubleshooting issues in their shared hosting accounts.
|
||
- Provided support via chat, phone, support tickets, and server support as needed.
|
||
- Developed several web-based applications to streamline workflow and improve efficiency.
|
||
|
||
#### Chat Support
|
||
##### Go Daddy
|
||
###### Tempe, AZ
|
||
- Assisted customers with domain, hosting, email, and billing issues through chat support.
|
||
- Utilized multiple chat applications to handle a range of inquiries, from basic maintenance to complex problem-solving.
|
||
- Played a key role in training and coaching the support team in India.
|
||
|
||
#### Online Support
|
||
##### Go Daddy
|
||
###### Gilbert, AZ
|
||
- Provided customer support for account, domain, shared hosting, and server issues via support ticket system.
|
||
- Initiated the creation of scripts to automate repetitive tasks, enhancing team efficiency and effectiveness.
|
||
|
||
#### Server Administrator
|
||
##### Terra Del Sol
|
||
###### Portland, OR
|
||
- Built website using HTML, CSS, and PHP. Maintained website, updating and troubleshooting as needed.
|
||
- Maintained the Windows server that housed the customer management software.
|
||
***
|
||
### SPEAKING ENGAGEMENTS
|
||
**Acronis Virtual Conference: See Inside a Live Ransomware Attack Then Learn How to Prevent All of Them (EMEA)**
|
||
2021-06-16 *Acronis*
|
||
Live ransomware demonstration and panel on best practices for preventing attacks
|
||
|
||
**Acronis Virtual Conference: See Inside a Live Ransomware Attack Then Learn How to Prevent All of Them (Americas)**
|
||
2021-06-09 *Acronis*
|
||
Live ransomware demonstration and panel on best practices for preventing attacks
|
||
|
||
**2021 Partner Kickoff**
|
||
2021-02-02 *Acronis*
|
||
Moderated discussion with a panel of cybersecurity experts
|
||
|
||
**AZTC Cybersecurity Summit**
|
||
2020-12-02 *Arizona Tech Council and Arizona Cyber Threat Response Alliance*
|
||
Panel discussion on the subject of risk management
|
||
***
|
||
### PUBLICATIONS
|
||
#### Published Articles
|
||
**#BHUSA or bust: Hopes and expectations for Black Hat 2021**
|
||
2021-07-28 *Acronis Blog* [Article](https://www.acronis.com/en-us/blog/posts/bhusa-or-bust-hopes-and-expectations-black-hat-2021) | [Wayback Archive](https://web.archive.org/web/20210728172556/https://www.acronis.com/en-us/blog/posts/bhusa-or-bust-hopes-and-expectations-black-hat-2021)
|
||
|
||
**Detonating Ransomware on My Own Computer (Don’t Try This at Home)**
|
||
2021-07-14 *Bleeping Computer* [Article](https://www.bleepingcomputer.com/news/security/detonating-ransomware-on-my-own-computer-don-t-try-this-at-home/) | [Wayback Archive](https://web.archive.org/web/20210714144322/https://www.bleepingcomputer.com/news/security/detonating-ransomware-on-my-own-computer-don-t-try-this-at-home/)
|
||
|
||
**I Triggered a Ransomware Attack – Here’s What I Learned**
|
||
2021-06-23 *Security Boulevard* [Article](https://securityboulevard.com/2021/06/i-triggered-a-ransomware-attack-heres-what-i-learned/) | [Wayback Archive](https://web.archive.org/web/20210623070938/https://securityboulevard.com/2021/06/i-triggered-a-ransomware-attack-heres-what-i-learned/)
|
||
|
||
**Is There Hope for ICS and Supply Chain Security?**
|
||
2021-05-24 *Security Boulevard* [Article](https://securityboulevard.com/2021/05/is-there-hope-for-ics-and-supply-chain-security/) | [Wayback Archive](https://web.archive.org/web/20210524190519/https://securityboulevard.com/2021/05/is-there-hope-for-ics-and-supply-chain-security/)
|
||
|
||
**Cybersecurity Predictions For 2021**
|
||
2021-03-17 *Cyber Defense Magazine* [Article](https://www.cyberdefensemagazine.com/cybersecurity-predictions-for-2021/) |[Wayback Archive](https://web.archive.org/web/20210318020255/https://www.cyberdefensemagazine.com/cybersecurity-predictions-for-2021/)
|
||
|
||
**OSAMiner: The Apple cryptojacker that hid for five years**
|
||
2021-01-28 *Acronis Blog* [Article](https://www.acronis.com/en-us/blog/posts/osaminer-apple-cryptojacker-hid-five-years) | [Wayback Archive](https://web.archive.org/web/20210128194804/https://www.acronis.com/en-us/blog/posts/osaminer-apple-cryptojacker-hid-five-years)
|
||
|
||
**5 Ways to Protect Online Learning Environments**
|
||
2020-10-23 *Security Boulevard* [Article](https://securityboulevard.com/2020/10/5-ways-to-protect-online-learning-environments/) | [Wayback Archive](https://web.archive.org/web/20201023191257/https://securityboulevard.com/2020/10/5-ways-to-protect-online-learning-environments/)
|
||
|
||
**Securing Healthcare Data in a COVID World**
|
||
2020-09-01 *Security Boulevard* [Article](https://securityboulevard.com/2020/09/securing-healthcare-data-in-a-covid-world/) | [Wayback Archive](https://web.archive.org/web/20200903183508/https://securityboulevard.com/2020/09/securing-healthcare-data-in-a-covid-world/)
|
||
|
||
**The 2019 Database Gold Rush**
|
||
2019-08-08 *SiteLock Blog* [Article](https://www.sitelock.com/blog/the-2019-database-gold-rush/) | [Wayback Archive](https://web.archive.org/web/20190926004030/https://www.sitelock.com/blog/the-2019-database-gold-rush/)
|
||
|
||
**The WordPress of the Future**
|
||
2018-12-28 *SiteLock Blog* [Article](https://www.sitelock.com/blog/2018/12/wordpress-gutenberg/) | [Wayback Archive](https://web.archive.org/web/20190406053041/https://www.sitelock.com/blog/2018/12/wordpress-gutenberg/)
|
||
|
||
**When a Good Thing Goes Bad – How Vulnerabilities Were Intentionally Built Into pipdig**
|
||
2018-04-06 *SiteLock Blog* [Article](https://www.sitelock.com/blog/2019/04/pipdig-vulnerability/) | [Wayback Archive](https://web.archive.org/web/20190406053808/https://www.sitelock.com/blog/2019/04/pipdig-vulnerability/)
|
||
|
||
**Malware: The Gift That Keeps on Giving**
|
||
2017-06-02 *Infosec Island* [Article](http://www.infosecisland.com/blogview/24935-Malware-The-Gift-That-Keeps-on-Giving.html) | [Wayback Archive](https://web.archive.org/web/20170606172629/http://www.infosecisland.com/blogview/24935-Malware-The-Gift-That-Keeps-on-Giving.html)
|
||
|
||
#### Contributed Content
|
||
##### Articles containing my quotes or research
|
||
**What Does It Take To Be a Cybersecurity Researcher?**
|
||
2021-04-12 *The Hacker News* [Article](https://thehackernews.com/2021/04/what-does-it-take-to-be-cybersecurity.html) | [Wayback Archive](https://web.archive.org/web/20210412165613/https://thehackernews.com/2021/04/what-does-it-take-to-be-cybersecurity.html)
|
||
|
||
**ASIC Cyber Attack Linked to RBNZ Breach**
|
||
2021-01-26 *The Australian* [Article](https://www.theaustralian.com.au/business/technology/asic-cyber-attack-linked-to-rbnz-breach/news-story/fa4e38dac3db4710bc5c8a46f607aa8d) (requires subscription)
|
||
|
||
**ASIC Cyber Attack Linked to RBNZ Breach**
|
||
2021-01-26 *Daily Telegraph* [Article](https://www.dailytelegraph.com.au/business/asic-cyber-attack-linked-to-rbnz-breach/news-story/fa4e38dac3db4710bc5c8a46f607aa8d) (requires subscription)
|
||
|
||
**ASIC sic’d by sickening cyber security incident**
|
||
2021-01-26 *ITWire* [Article](https://www.itwire.com/security/asic-sic-d-by-sickening-cyber-security-incident.html) | [Wayback Archive](https://www.itwire.com/security/asic-sic-d-by-sickening-cyber-security-incident.html)
|
||
|
||
**Acronis Cyber Readiness Report: Pandemic reveals cybersecurity gaps, need for new solutions**
|
||
2020-09-09 *Acronis Blog* [Article](https://www.acronis.com/en-us/blog/posts/acronis-cyber-readiness-report-pandemic-reveals-cybersecurity-gaps-need-new-solutions) | [Report](https://dl.acronis.com/u/rc/WP_Acronis_Cyber_Readiness_Report_EN-US_200908.pdf) | [Wayback Archive (Article)](https://web.archive.org/web/20200910215942/https://www.acronis.com/en-us/blog/posts/acronis-cyber-readiness-report-pandemic-reveals-cybersecurity-gaps-need-new-solutions) | [Wayback Archive (Report)](https://dl.acronis.com/u/rc/WP_Acronis_Cyber_Readiness_Report_EN-US_200908.pdf)
|
||
|
||
**VMBlog Expert Interview: Topher Tebow of Acronis Reveals Findings from their 2020 MSP Cybersecurity Readiness Survey**
|
||
2020-06-09 *VMBlog* [Article](https://vmblog.com/archive/2020/06/09/vmblog-expert-interview-topher-tebow-of-acronis-reveals-findings-from-their-2020-msp-cybersecurity-readiness-survey.aspx) | [Wayback Archive](https://web.archive.org/web/20200619171146/https://vmblog.com/archive/2020/06/09/vmblog-expert-interview-topher-tebow-of-acronis-reveals-findings-from-their-2020-msp-cybersecurity-readiness-survey.aspx)
|
||
|
||
**Coronavirus crisis: Online church services attacked by hackers using child pornography**
|
||
2020-05-16 *Fox News* [Article](https://www.foxnews.com/tech/coronavirus-online-church-services-attacked-child-pornography-hackers) | [Wayback Archive](https://web.archive.org/web/20200515225920/foxnews.com/tech/coronavirus-online-church-services-attacked-child-pornography-hackers)
|
||
|
||
**Expert Advice During World Password Day 2020**
|
||
2020-05-07 *VMBlog* [Article](https://vmblog.com/archive/2020/05/07/expert-advice-during-world-password-day-2020.aspx#.Xsa7HxLQhhH) | [Wayback Archive](https://web.archive.org/web/20200521173300/https://vmblog.com/archive/2020/05/07/expert-advice-during-world-password-day-2020.aspx#.Xsa7WBLANhE)
|
||
|
||
**7 Steps to Web App Security**
|
||
2019-09-03 *Dark Reading* [Article](https://www.darkreading.com/analytics/7-steps-to-web-app-security/d/d-id/1335695) | [Wayback Archive](https://web.archive.org/web/20190904202018/https://www.darkreading.com/analytics/7-steps-to-web-app-security/d/d-id/1335695)
|