Cybersecurity authors are a compilation of published authors who are experts in cybersecurity disciplines with bios and links to their books.
Ackerman - Ahmed - Anson
Pascal Ackerman (ad) – Pascal is an industrial security professional with a degree in electrical engineering. He is the author of Industrial Cybersecurity: Efficiently monitor the cybersecurity posture of your ICS environment, 2d Edition. With two decades of consulting experience, he joined Ernst and Young in 2021. He is Manager, Industrial Cybersecurity Consulting. Pascal’s passion lays in analyzing new and existing threats to ICS environments.
Alexis Ahmed (ad) – Alexis is a penetration tester and security researcher. He founded HackerSploit, a Cybersecurity consultancy that specializeds in Penetration testing and security training. Alexis is a content creator and cybersecurity instructor on YouTube, and his channel HackerSploit has over 600,000 subscribers. He has multiple Cybersecurity certifications ranging from the CEH, Sec+, OSCP, and he is a Certified ISO 27001 associate. Alexis is the author of Privilege Escalation Techniques: Learn the art of exploiting Windows and Linux systems.
Steve Anson (ad) – Steve is the cofounder of Forward Defense – forwarddefense.com. He has served as a police officer and FBI High Tech Crimes Task Force agent. Steve was DoD special agent, and he was an instructor with the State Department Antiterrorism Assistance Program (ATA). He has trained thousands of law enforcement officers around the world in techniques of digital forensics and investigation. Steve is the author of Applied Incident Response.
Arnold - Ball - Bleam
Tim Arnold (ad) – Tim is a professional Python programmer at SAS Institute and a statistician. He works to ensure educational tools are accessible to underserved communities worldwide, including making mathematical documentation accessible to the blind. Tim served on the board of the Raleigh ISSA, and he was a consultant to the board of the International Statistical Institute. Tim is co- author of Black Hat Python, 2nd Edition: Python Programming for Hackers and Pentesters.
Corey J. Ball (ad) – Corey is an APIsec Evangelist and cybersecurity consulting manager at Moss Adams, where he leads its penetration testing services. He has over twelve years of experience working in IT and cybersecurity across several industries. They include aerospace, agribusiness, energy, financial tech, government services, and healthcare. In addition to a bachelor’s degree in English and philosophy, Corey holds the OSCP, CCISO, CISSP, and several other industry certifications. Corey is the author of Hacking APIs: Breaking Web Application Programming Interfaces.
Jennifer Bleam (ad) – Jennifer is an award-winning speaker, author and leader in the IT channel. She’s spoken at events hosted by Continuum, Kasey, ConnectWise, Auvik, Technology Marketing Toolkit, CharTec ASSCII and ChannelPro. She has coached over 1,000 MSPs on marketing and sales best practices. Jennifer founded MSP Sales Revolution to help MSPs master the art of selling cybersecurity quickly, easily and profitably. She is the author of Simplified Cybersecurity Sales For MSPs: The Secret Formula For Closing Cybersecurity Deals Without Feeling Slimy.
Bonney - Bravo - Brumfield
Bill Bonney (ad) – Bill is a Cybersecurity Evangelist and author. He is a co-author of the CISO Desk Reference Guide Executive Primer: The Executive’s Guide to Security Programs. Bill is the President of CISO DRG, Inc. that publishes practical guides for information security executives. He holds several patents in data protection, access and classification, and he’s on the Board for San Diego CISO Roundtable. The Roundtable is a professional group focused on building relationships and fostering collaboration in information security management.
Cesar Bravo (ad) – Cesar is a Cyber Security Expert, TEDx speaker and University Professor with a masters degree in Cyber Security. He is a prolific inventor with more than 100 Patent submissions in the US, UK, Germany, and China. Most of his patents are related to cybersecurity, but he also has patents on Artificial Intelligence, IoT, and more. Cesar has authored more than 50+ technical papers, and two books published in the US. He is a co-author of Mastering Defensive Security: Effective techniques to secure your Windows, Linux, IoT and cloud infrastructure.
Cynthia Brumfield (ad) – Cynthia is a veteran communications industry analyst now focused on cybersecurity. She runs the cybersecurity news destination Metacurity.com, and she is a columnist for CSO Online. She is the author of Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework. Follow her cybersecurity updates on Twitter @Metacurity.
Buchanan - Carey - Carpenter
Ben Buchanan (ad) – Ben works on AI, cybersecurity and international affairs. He is the author of three books, The New Fire, The Hacker and the State and The Cybersecurity Dilemma. Ben was the Senior Faculty Fellow and Director of the CyberAI Project at Georgetown’s Center for Security and Emerging Technology. It was a five-year, $65 million effort to study AI and international affairs. Ben received his PhD in War Studies from King’s College London, where he was a Marshall Scholar. He earned masters and undergraduate degrees from Georgetown University.
Marcus J. Carey (ad) – Marcus is the creator of the bestselling Tribe of Hackers cybersecurity book series. Marcus is renowned in the cybersecurity industry. He has spent his more than 20 year career working in penetration testing, incident response, and digital forensics. Marcus works with federal agencies such as NSA, DC3, DIA, and DARPA. He started his career in cryptography in the U.S. Navy, and he holds a Master’s degree in Network Security.
Perry Carpenter (ad) – Perry has been a recognized thought leader on security awareness and the human factors of security for over a decade. Perry serves as Chief Evangelist and Strategy Officer for KnowBe4, the world’s most popular security awareness and simulated phishing platform. He holds a Master of Science in Information Assurance (MSIA) from Norwich University, and he is a Certified Chief Information Security Officer (C|CISO). Perry is co- author of The Security Culture Playbook: An Executive Guide to Reducing Risk and Developing Your Human Defense Layer.
Castaldo - Codings - Crawley
Chris Castaldo (ad) – Chris is an industry recognized CISO, and he is an expert in building cybersecurity programs for start-ups. His cybersecurity experience stretches over 20 years in start-ups, Fortune 1000’s, and the US Government. Chris has scaled cybersecurity programs and teams from the ground up and advises start-ups. He is a US Army veteran and a Visiting Fellow at the National Security Institute at George Mason University’s Antonin Scalia Law School. Chris is the author of Start-Up Secure: Baking Cybersecurity into Your Company from Founding to Exit.
Zach Codings (ad) – Since childhood, Zach loved computers. He was self-taught, and he wrote his first program when he was 14 years old. After graduating from college, Zach created an innovative security system which he still distributes through his cybersecurity company. His mission is to help beginners worldwide master the art of programming. Zach sees programming languages as creative expression providing personal and professional satisfaction. He is the author of Computer Programming and Cyber Security for Beginners.
Kim Crawley (ad) – Kim researches and writes about cybersecurity issues. She’s the Blog Manage for Hack the Box, a pioneer in online cybersecurity penetration testing training. Kim has worked for Sophos, AT&T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. All matters red team, blue team, and purple team fascinate her. She’s especially fascinated by malware, social engineering, and advanced persistent threats. Kim is the author of The Pentester BluePrint: Starting a Career as an Ethical Hacker.
Czaplewski - Davidoff - Deirmentzoglou
Jennifer Czaplewski (ad) – Jennifer is an innovative cybersecurity executive known for building and leading critical security functions. She is a leader in DevSecOps, and she shares insights at forums like RSA, and the Cyber Security Summit. Jennifer is a patent holder, and her work has been featured in SC Magazine and Dark Reading. She is a Senior Director in Target’s cybersecurity team leading DevSecOps, vulnerability management and endpoint protection. She is a co-author of Modern Cybersecurity: Tales from the Near-Distant Future.
Sherri Davidoff (ad) – Sherri is the CEO of LMG Security. She has conducted cybersecurity training for The FDIC/FFIEC, the American Bar Association, the Department of Defense, and many more. Sherri is a faculty member at the Pacific Coast Banking School, and she is an instructor for Black Hat where she teaches her “Data Breaches” course. She is the co-author of Network Forensics: Tracking Hackers Through Cyberspace. It’s a noted security text in the private sector, and a college textbook for many cybersecurity courses. Sherri is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN). She holds her degree in Computer Science and Electrical Engineering from MIT.
Evangelos Deirmentzoglou (ad) – Evangelos is an information security professional interested in solving security problems at scale. He led and structured the cybersecurity capability of the fintech startup Revolut. A member of the open-source community since 2015, he has made multiple contributions to Nmap and Ncrack. Evangelos is researching a cyber-security PhD focusing on source code analysis. He has applied this for many major US technology vendors, Fortune 500 companies and financial and medical institutions. Evangelos is a co-author of Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things.
Dimaggio - Dotson - Easttom
Jon DiMaggio (ad) – Jon is the chief security strategist at Analyst1. He has over 15 years of experience hunting, researching and writing about advanced cyber threats. Jon is a specialist in enterprise ransomware attacks and nation-state intrusions. His expertise includes the world’s first ransomware cartel and the infamous Black Vine cyberespionage group. He has exposed the criminal organizations behind major ransomware attacks, and he’s aided law enforcement in federal indictments. Jon is the author of The Art of Cyberwarfare: An Investigator’s Guide to Espionage, Ransomware, and Organized Cybercrime.
Chris Dotson (ad) – Chris is an IBM Distinguished Engineer, and he is an executive security architect for IBM Cloud. He is the author of Practical Cloud Security: A Guide for Secure Design and Deployment. Chris has over 20 years of experience in the IT industry as well as 11 professional certifications. Certifications include the Open Group Distinguished IT Architect certification. His focus areas include cloud infrastructure and security, networking infrastructure and security, servers, and storage.
Dr. Chuck Easttom (ad) – Chuck has many years of practical experience in a wide range of computer science, mathematics, and related topics. He holds a Doctor of Science in Cyber Security, and he has authored 36 computer science books (so far). Chuck is an inventor with 25 computer science patents and over 70 research papers. He was a subject matter expert for CompTIA in the creation of their Security+, Linux+, and Server+ certification tests. He currently holds over 70 IT certifications (A+, Network+, iNet+, Linux+, Server+, MCP, MCAD, MCSA, MCSE, MCDBA, MCTS, MCITP, CEH, CHFI, CISSP, CCFP, ISSAP, and more).
Espinosa - Freund - Fosaaen
Christian Espinosa (ad) – Christian is an entrepreneur, white-hat hacker, and he’s the Founder and Former CEO of Alpine Security. He’s also a high-performance coach and cybersecurity professor. Christian came to the realization that the smartest people in the room are not always the best leaders. He determined his greatest contribution to leadership and fighting cybercrime is his ability to provide awareness and solutions. He addresses the challenges associated with high rational intelligence (IQ) and low emotional intelligence (EQ) staff. Christian is the author of The Smartest Person in the Room: The Root Cause and New Solution for Cybersecurity.
Dr. Jack Freund (ad) – Jack is an expert in IT risk management specializing in analyzing and communicating complex IT risk scenarios in plain language. He currently leads a team of risk analysts at TIAA-CREF. Jack has worked for Nationwide Insurance, CVS/Caremark, Lucent Technologies, Sony Ericsson, AEP, Wendy’s International, and The State of Ohio. He holds a BS in CIS, Masters in Telecom and Project Management, and a PhD in Information Systems. He has the CISSP, CISA, CISM, CRISC, CIPP, and PMP certifications. Jack is the co-author of Measuring and Managing Information Risk: A FAIR Approach.
Karl Fosaaen (ad) – As a Practice Director at NetSPI, Karl leads the Cloud Penetration Testing service line and oversees NetSPI’s Portland, OR office. Karl holds a BS in Computer Science, and he has over a decade of consulting experience in computer security. He spends most of his research time focusing on Azure security and contributing to the NetSPI blog. Karl created the MicroBurst toolkit to house many of the PowerShell tools that he uses for testing Azure. He is a co-author of Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure enfironments.
Garbis - Gazcon - Gibson
Jason Garbis (ad) – Jason is Chief Product Officer at Appgate, a provider of Zero Trust secure access solutions. He is responsible for the company’s security product strategy and product management. Jason has over 30 years of product management, engineering, and consulting experience at security and technology firms. He is co-chair of the SDP Zero Trust Working Group at the Cloud Security. Jason holds a CISSP certification, a BS in computer science from Cornell University, and an MBA from Northeastern University. He is co-author of Zero Trust Security: An Enterprise Guide.
Valentina Costa-Gazcón (ad) – Valentina is a Threat Intelligence Senior Analyst. She specializes in tracking APTs worldwide using the ATT&CK Framework to analyze tools, tactics and techniques. Valentina is a self-taught developer and Threat Hunter with a degree in Translation and Interpretation from the Universidad de Málaga. Valentina is one of BlueSpace Security LATAM community coordinators. She is the author of Practical Threat Intelligence and Date-Driven Threat Hunting: A hands-on guide to threat hunting with ATT&CK™ Framework and open source tools.
Darril Gibson (ad) – Darril Gibson is a U.S. Navy veteran. After his 22 year career working with computers and electronics, he decided to become a full-time author. Darril has authored, co-authored or contributed to more than 40 books. He has earned multiple certifications to include CompTIA A+, Network+, Security+, CASP, and CTT+; (ISC)2 SSCP and CISSP; Microsoft MCT, MCSA, MCSE, MCITP, MCTS, MCDST, MCAD, MCSD, and MCDST. Darril has authored books on CompTIA A+, Network+, Security+ core certifications, ISC(2) SSCP and CISSP security certifications, and Microsoft certifications.
Greenberg - Grid - Grimes
Andy Greenberg (ad) – Andy is an award-winning senior writer for WIRED, covering security, privacy, information freedom, and hacker culture. He’s the author of Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. The book and excerpts from it published in WIRED won a Gerald Loeb Award for International Reporting. Andy’s first book was This Machine Kills Secrets, about WikiLeaks, cryptography, and the cypherpunks. It was selected as an Editor’s Choice by The New York Times Book Review in 2012.
Alan Grid (ad) – Alan is an American software developer and analyst. He’s been involved in global projects applying and testing cutting-edge technologies. Alan climbed the corporate ladder, and he became a senior team leader working closely with CTOs and shareholders. He became the problem-solver anyone could turn to when the project hits a wall. Alan is familiar with the development process front to back, and he’s authored four programming language books. These four books are suitable for beginners and experts alike.
Roger A. Grimes (ad) – Roger is the author of 13 books and over 1,100 national magazine articles on computer security. He specializes in host security and preventing hacker and malware attacks. Roger is a frequent speaker at national computer security conferences, and he was the weekly security columnist at InfoWorld and CSO magazines from 2005 – 2019. He is a former instructor and penetration tester for Foundstone. Roger is a Data-Driven Defense Evangelist at KnowBe4, Inc.
Haber - Ham - Harrington
Morey J. Haber (ad) – Morey is the Chief Security Officer at BeyondTrust. He is the author Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations. He is co-author of Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. Morey is a founding member of the industry group Transparency in Cyber. In 2020, he was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions.
Jonathan Ham (ad) – Jonathan specializes in large-scale enterprise security issues, from policy and procedure, to scalable prevention, detection, and response techniques. He’s been commissioned to teach NCIS investigators how to use Snort, performed packet analysis from a facility more than 2000 feet underground. He’s taught intrusion analysis to the NSA, and he chartered and trained the CIRT for a U.S. civilian Federal agency. Jonathan is a Certified Instructor with the SANS Institute, and he’s the co-author of Network Forensics: Tracking Hackers Through Cyberspace.
Ted Harrington (ad) – Ted is the Executive Partner at Independent Security Evaluators (ISE). ISE is a company of ethical hackers famous for hacking cars, medical devices, and password managers. He’s helped hundreds of companies such as Google, Amazon, Microsoft, and Netflix fix tens of thousands of security vulnerabilities. Ted’s been featured in more than one hundred media outlets, including the Wall Street Journal, Financial Times, and Forbes. His team founded and organizes IoT Village, an event whose hacking contest has produced three DEF CON Black Badges. Ted is the author of Hackable: How to Do Application Security Right.
Harris - Hayden - Hayslip
Shon Harris (ad) – Shon is the founder and CEO of Logical Security. She’s a computer security consultant, and she’s a former engineer in the Air Force’s Information Warfare unit. Shon has authored three best-selling CISSP books, and she was a contributing author to the books Hacker’s Challenge, and Gray Hat Hacking. She has developed a full digital information security product series for Pearson publishing. Shon has consulted for Fortune 500 companies in the U.S., including American Express, Warner Brothers, BridgestoneFirestone, CitiBank, CitiFinancial and more. She is the co-author of CISSP All-in-One Exam Guide, Ninth Edition.
Dr. Lance Hayden (ad) – Lance is an information security professional, an educator, and author. For nearly twenty-five years, he has been a practitioner and researcher in the information security field. He’s held positions in government, industry, and academia. His areas of focus involve applying organizational culture and evidence-based management to the practice of cybersecurity. His background includes a Cold War spy as a father, high school years spent in Italy, service as a HUMINT ops officer, and post-graduate research into the metaphors of surveillance technology. Lance is the author of People-Centric Security: Transforming Your Enterprise Security Culture.
Gary Hayslip (ad) – Gary co-authored the CISO Desk Reference Guide: A Practical Guide for CISOs – Volumes 1 & 2. He serves as an EvoNexus Selection Committee member, where he reviews and mentors cybersecurity and Internet-of-Things startups. Gary sits on the board of directors for both the Cyber Center of Excellence and Infragard’s San Diego chapter. He is a member of the professional organizations ISC2, ISSA, ISACA, OWASP, and Infragard. He holds professional certifications, including CISSP, CISA, and CRISC. Gary has a BS in information systems management from UMUC and an MBA from San Diego State University.
Henry - Hoffman - Hoog
Jasmine Henry (ad) – Jasmine is Field Security Director at JupiterOne where she wrote the 2022 State of Cyber Assets Report (the SCAR), and she edited the book Reinventing Cybersecurity. She is an accidental career specialist in applied graph theory for cloud-native startup security. Jasmine has a MS in Informatics & Analytics from Lipscomb University in Nashville, TN. She is on the board of directors for The Diana Initiative and a keynote speaker and volunteer at countless cybersecurity conferences. Jasmine has worked with Esper.io, IBM Security, HPE, the ADP Research Institute, Philips, and the Tennessee Valley Authority (TVA).
Andrew Hoog (ad) – Andrew is a computer scientist, certified forensic analyst (GCFA and CCE) and mobile forensics researcher. He is an expert witness and co-founder of viaForensics, an innovative digital forensic and security firm. He divides his energies among investigations, forensic software development and research in digital forensics and security. Andrew has two patents pending in the areas of forensics and data recovery. He is the author of Android Forensics: Investigation, Analysis and Mobile Security for Google Android.
Janca - Jones - Kahn
Tanya Janca (ad) – Tanya, also known as SheHacksPurple, is the author of Alice and Bob Learn Application Security. She is the founder of We Hack Purple, an online learning academy, community and podcast. Tanya has been coding and working in IT for over twenty years, and she has won numerous awards. She’s been everywhere from startups to public service to tech giants including Microsoft, Adobe and Nokia. Tanya is an award-winning public speaker, active blogger and streamer delivering hundreds of talks and trainings on six continents.
Jack Jones (ad) – Jack has worked in technology for thirty years, and information security and risk management for twenty-four years. He is the creator of the Factor Analysis of Information Risk (FAIR) framework. Jack is President and co-founder of CXOWARE, Inc. which provides risk management and risk analytics software based on FAIR. He holds the CRISC, CISM, CISA, and CISSP certifications, and he is on the ISACA CRISC and ISC2 Ethics Committee. Jack is co-author of Measuring and Managing Information Risk: A FAIR Approach.
David Kahn (ad) David is a recently visiting historian at the National Security Agency. He is the world’s leading expert on the history of cryptology. He is the author of Hitler’s Spies, Seizing the Enigma, and Kahn on Codes. David has published articles in numerous popular and technical journals. He holds a Ph.D. in Modern History from Oxford. David is an editor at Newsday, and he lives in Great Neck, New York.
Kelley - Khan - Kim
Diana Kelley (ad) – Diana’s security career spans over 30 years. She is Co-Founder and CTO of SecurityCurve, and she donates time to volunteer work in the cybersecurity community. Diana produces the #MyCyberWhy series, and she is the host of BrightTALK’s The Security Balancing Act. She was the Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security and GM at Symantec. Diana is co-author of Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects.
Ali Khan (ad) – Ali serves the cybersecurity industry globally by executing and delivering on cybersecurity initiatives. He is a mentor and educator, and he works with educational institutions to develop the next generation of cybersecurity professionals. Ali provides guidance and career coaching, and he volunteers his time and efforts at not-for-profit organizations. Ali is the author of Because You Can: Your Cybersecurity Career: A simple and practical handbook with actionable insights for success.
Peter Kim (ad) – Peter has more than 14 years in the information security industry. He’s spent 12 years running Penetration Testing / Red Teams. Peter’s worked for utility companies, Fortune 1000 entertainment companies, government agencies and financial organizations. Although he is most well-known for The Hacker Playbook series, his passions are building a safe security community, mentoring students, and training others. Peter founded and maintains one of Southern California’s largest technical security clubs called LETHAL. With the ever-changing environment of security, he wants to help build the next generation of security professionals.
Krebs - Leirvik - Levy
Brian Krebs (ad) – Brian is the editor of KrebsonSecurity.com. It is a daily blog dedicated to in-depth cybersecurity news and investigation. KrebsonSecurity.com was voted the Blog That Best Represents the Security Industry by judges at the 2013 RSA Conference. From 1995 to 2009, Brian was a reporter for The Washington Post, where he covered internet security, technology policy and cybercrime. His stories and investigations appeared in Popular Mechanics, Wired.com and dozens of other publications. Brian is the author of Spam Nation: The Inside Story of Organized Cybercrime – from Global Epidemic to Your Front Door.
Ryan Leirvik (ad) – Ryan has focused on solving complex cyber challenges from within some of the world’s largest organizations. He is the author of Understand, Manage, and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program. It provides a straightforward approach for individuals, executives and organizations to simplify complexities and manage associated risks. Ryan is founder and CEO of Neuvik, a cybersecurity consultancy. He and his team provide advanced cybersecurity capabilities for clients. In previous roles, Ryan was a Chief of Staff at the Pentagon. He was also an Associate Director of Cyber in the Office of the US Secretary of Defense.
Jamie Levy (ad) – Jamie is a senior researcher and developer with the Volatility Foundation. Jamie has taught classes in Computer Forensics and Computer Science at Queens College (CUNY) and John Jay College (CUNY). She has an MS in Forensic Computing, and she is a contributor to the open source Computer Forensics community. Jamie has authored peer-reviewed conference publications and presented at conferences on the topics of memory, network, and malware forensics analysis. She is the author of The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory.
Linn - Mattord - McCarty
Ryan Linn (ad) – Ryan has delivered his research about ATM security, network protocol attacks, and penetration testing tactics at numerous conferences. They include Black Hat, DefCon, DerbyCon, and SecTor to name a few. He is an open source project contributor for projects such as Metasploit, Ettercap, and the Browser Exploitation Framework. Ryan is a Managing Consultant doing network penetration testing. He is a co-author of Gray Hat Hacking: The Ethical Hacker’s Handbook Sixth Edition.
Herbert J. Mattord (ad) – Herbert holds a Ph.D. and CISM, CISSP, CDP certifications. He is an Associate Professor teaching undergraduate courses in Information Security and Assurance and Information Systems. Herbert spent 24 years in the IT industry, before he became a full-time academic. He was an application developer, database administrator, project manager, and information security practitioner. Herbert is the co-author of Principles of Information Security (Mindtap Course List).
Ben McCarty (ad) – Ben is an American author, veteran, inventor and cybersecurity professional. He is a former cyber capability developer with the National Security Agency (NSA), and he served as a cyber warfare specialist in the U.S. Army. He has multiple security certifications, patents and years of experience working in the security industry. Ben is the author of Cyberjutsu: Cybersecurity for Modern Ninja. Cyberjutsu is the playbook that every modern cybersecurity professional needs to channel their inner ninja.
Messier - Mitnick - Mohanta
Ric Messier (ad) – Ric is an author, consultant, and educator who holds CCSP, GCIH, GSEC, CEH, and CISSP certifications. He has published several books on information security and digital forensics. With decades of experience in information technology and information security, Ric has held varied roles. They include programmer, system administrator, network engineer, security engineering manager, VoIP engineer, consultant, and professor. He is currently a Principal Security Consultant with FireEye Mandiant. Ric is the author of CEH v11 Certified Ethical Hacker Study Guide.
Kevin D. Mitnick (ad) – Kevin began his career at age 12 when he retrieved unused bus passes form the bus company’s dumpster. By age 16 he began his cyber career by breaking into a company’s computer network and copying the software. Mitnick would continue to a career of hacking interrupted only by arrests and incarcerations. Kevin eventually got on the right side of cybersecurity, and he now heads his own consulting firm. He is the author of The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data.
Abhijit Mohanta (ad) – Abhijit has worked as a security researcher with Symantec, McAfee, Cyphort and Juniper Networks. He is specialized in reverse engineering, malware analysis, windows internals, vulnerability, and exploits. Abhijit has a good understanding of Antivirus engines, IPS, and Sandbox internals. Other skills include machine learning, automation, system programming. He is the co-author of Malware Analysis and Detection Engineering: A Comprehensive Approach to Detect and Analyze Modern Malware.
Morillo - Oettinger - O'Flynn
Christina Morillo (ad) – Christina is an information security “cybersecurity” and technology leader and author. She has an extensive background in enterprise security deployments and migrations to the cloud. In her current role at Trimarc Security, she leads the cloud security assessment service for Microsoft Cloud Services. It includes Azure Active Directory and Microsoft 365. Her experience has taken her to companies such as Microsoft, Morgan Stanley, and Fitch Ratings. Cristina is the author of 97 Things Every Information Security Professional Should Know.
William Oettinger (ad) – Bill is retired law enforcement officer with over twenty years in civilian and military justice systems. Bill is a certified examiner by the International Association of Computer Investigative Specialists. Other certifications include CFCE and CISSP. He has travelled worldwide working with many foreign governments and police organizations. They include the Royal Moroccan Gendarmerie, La Direction Générale de la Sûreté Nationale, and Bahrain State Police. Bill is the author of Learn Computer Forensics: A beginner’s guide to searching, analyzing, and securing digital evidence.
Colin O’Flynn (ad) – Colin runs NewAE Technology, Inc., a startup that designs tools and equipment to teach engineers about embedded security. He started the open source ChipWhisperer project as part of his PhD research. He was previously an assistant professor with Dalhousie University where he taught embedded systems and security. Colin lives in Halifax, Canada, and you can find his dogs featured in many of the products developed with NewAE. He is a co-author of The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks.
Ozkaya - Pais - Peiris
Dr. Erdal Ozkaya (ad) – Erdal Ozkaya is a leading cybersecurity professional with business development, management, and academic skills. He focuses on securing cyberspace and sharing his real-life skills as a security adviser, speaker, lecturer, and author. He is passionate about reaching communities, creating cyber-aware campaigns, and leveraging new and innovative approaches. Erdal has authored many cybersecurity books, security certification course-wares, and exams for different vendors. He holds Global awards in cybersecurity as a speaker, author, instructor, and leader.
Manuel Pais (ad) – Manuel is a co-author of Team Topologies: Organizing Business and Technology Teams for Fast Flow. Recognized by TechBeacon as a DevOps thought leader, Manuel is an independent IT organizational consultant and trainer. He focuses on team interactions, delivery practices and accelerating flow. Manuel is also a LinkedIn instructor on Continuous Delivery for the Enterprise.
Dr. Chris Peiris (ad) – Chris is a publisher and thought leader in the cybersecurity, enterprise architecture and cloud integration space. He has advised Fortune 500 companies, federal & state governments and defense and intelligence entities. They span the USA, Asia Pacific, Japan, Middle East, Africa, Australia and New Zealand. Chris has authored or co-authored 10 books on multiple technologies including Cybersecurity, Cloud Computing, Web Services, C#, and Java topics. These books have been translated into 9 languages (from English) and available in 30+ countries.
Perkins - Rasner - Reiber
John Perkins (ad) – John is the founder of Threat Angler, a cybersecurity service provider specializing in managed services, professional services, and training. It focuses on delivering cybersecurity outcomes to customers of all shapes and sizes. John has over 20 years of experience in cybersecurity, and he has contributed to nearly all cybersecurity disciplines. He is a co-author of Microsoft Sentinel in Action: Architect, design, implement, and operate Microsoft Sentinel as the core of your security solutions, 2nd Edition.
Gregory C. Rasner (ad) – Greg is a cybersecurity and IT leader in Finance, Biotech, Technology and Software fields. He holds a BA from Claremont McKenna College along with certifications: CISSP, CCNA, CIPM, ITIL. He is the author of Cybersecurity and Third Party Risk: Third Party Threat Hunting. Greg was in the USMC, and he is co-chair for the Truist Veterans and First-Responders Business Resources Group. Greg created the cybersecurity program at Johnston Community College, and he is a board member on the Technology Advisory Board.
Lee Reiber (ad) – Lee started his journey in Idaho as a member of the Boise Police Department. He founded Mobile Forensics, Inc., and it became one of the prominent training companies in the U.S. for mobile forensics. MFI trained hundreds of students from law enforcement, Fortune 500 companies, and academia. It specialized in instructing students on how to interpret and analyze mobile device data collected with multiple tools. Lee’s written more than 50 articles on mobile forensics, and he’s lectured worldwide on mobile forensics and cybersecurity. He is the author of Mobile Forensic Investigations: A Guide to Evidence Collection, Analysis, and Presentation, Second Edition.
Roberts - Roer - Rolls
Scott J Roberts (ad) – Scott is an incident handler, intelligence analyst, writer, and developer. He protects companies from computer network espionage and attack. Scott believes in sharing techniques and tools for identifying, tracking, and responding to advanced computer network attackers. He has released and contributed to multiple open sources Incident Response, Intrusion Detection, and Cyber Threat Intelligence tools. Scott is the co-author of Intelligence-Driven Incident Response: Outwitting the Adversary.
Kai Roer (ad) – Kai is the Chief Research Officer for KnowBe4, the world’s most popular security awareness and simulated phishing platform. He provides actionable advice founded on empirical evidence to public and private organizations around the world. Kai helps organizations understand what culture they have, what culture they’d like to have, and how to get there. Kai works globally with the information security community to educate about the importance and impact of security culture. He is the co-author of The Security Culture Playbook: An Executive Guide to Reducing Risk and Developing Your Human Defense Layer.
Darran Rolls (ad) – Darran is Chief Technology Officer at SailPoint. He is responsible for directing the company’s technology strategy and security operations. He has experience in identity management and security at companies such as Tivoli Systems, IBM, Waveset Technologies, and Sun Microsystems. Darran has helped design, build, and deliver technology solutions that have defined the identity and access management (IAM) industry. Darran is co-author of Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution.
Saldanha - Sanders - Schneier
Anoop Saldanha (ad) – Anoop has over 15 years of experience as a cybersecurity and network security specialist. He was a core-developer of Suricata Intrusion Detection and Prevention System, funded by the US DHS and US Navy’s SPAWAR. His current areas of interest include IoT Device FingerPrinting and Risk Profiling. Anoop holds 9 patents related to the field of security. He has developed other open source tools like APIMiner that can be used to fast detect malware behavior. He is the co-author of Malware Analysis and Detection Engineering: A Comprehensive Approach to Detect and Analyze Modern Malware.
Chris Sanders (ad) – Chris is an information security author, trainer, and researcher. He is the founder of Applied Network Defense, a company focused on delivering high quality, accessible information security training. In previous roles, Chris worked with the US Department of Defense, InGuardians, and Mandiant. Chris has authored several books and articles, including the international bestseller Practical Packet Analysis currently in its third edition and seven languages, and Applied Network Security Monitoring. His current research focuses on the intersection of cybersecurity and cognitive psychology.
Bruce Schneier (ad) – Bruce is an internationally renowned security technologist, called a “security guru” by The Economist. He is the author of 12 books. They include Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. He’s written hundreds of articles, essays, and academic papers. His influential newsletter “Crypto-Gram” and blog “Schneier on Security” are read by over 250,000 people. Bruce is a fellow at the Berkman Center for Internet and Society at Harvard Law School. He is the Chief Technology Officer of Resilient Systems, Inc. His latest book is Practical Cryptography.
Seidl - Seiersen - Singh
David Seidl (ad) – David is the Vice President for Information Technology and CIO at Miami University of Ohio. He has served in a variety of technical and information security roles during his career. David was the Senior Director for Campus Technology Services at the University of Notre Dame where he co-led Notre Dame’s move to the cloud. David has authored, co-authored, or contributed to 17 books on topics including security certification and cyberwarfare. He holds CISSP, GPEN, GCIH, CSA+ and Pentest+ certifications.
Richard Seiersen (ad) – Richard is the co-author of How To Measure Anything In Cybersecurity Risk. He is the author of The Metrics Manifesto: Confronting Security with Data. Richard’s currently the Chief Risk Officer at Resilience where he and his team quantitatively model and measure cyber risk. He was the co-founder and president of Soluble – a cloud security company sold to Lacework in October 2021. He was previously the Chief Information Security Officer of Twilio, GE Healthcare, and Lending Club.
Glen D. Singh (ad) – Glen is a cybersecurity trainer and information security author. His areas of expertise are penetration testing, digital forensics, network security, and enterprise networking. He holds many cybersecurity certifications from top awarding bodies such as EC-Council, Cisco, Check Point and Fortinet. Glen has trained professionals in various sectors ranging from regional ISPs to government agencies in the field of cybersecurity. Glen is the author of The Ultimate Kali Linux Book: Perform advanced penetration testing using Nmap, Metasploit, Aircrack-ng and Empire, 2nd Edition.
Skulkin - Smith - Stais
Oleg Skulkin (ad) – Oleg is the Head of DFIR Team at Group-IB. He has worked in the fields of digital forensics, incident response, and cyber threat intelligence and research. His passion is uncovering new techniques used by hidden adversaries. Oleg has authored and co-authored multiple blog posts, papers and books on related topics. He holds GCFA and GCTI certifications. Oleg is author of Incident Response Techniques for Ransomware Attacks: Understand modern ransomware attacks and build an incident response strategy.
Jason Smith (ad) – Jason is an intrusion detection analyst. His love for data mining led him to information security and network security monitoring. He has a fascination with data manipulation and automation. Jason has a long history of assisting state and federal agencies with hardening their defensive perimeters. He currently works as a Security Engineer with Mandiant. Jason has created several open source projects, and many have become “best-practice” tools for the DISA CNDSP program. He is the co-author of Applied Network Security Monitoring: Collection, Detection, and Analysis.
Ioannis Stais (ad) – Ioannis is a senior IT security researcher and Head of Red Teaming at CENSUS S.A. Census S.A. offers specialized cybersecurity services to customers worldwide. Ioannis has participated in more than 100 security assessment projects. They include assessment of communication protocols, web and mobile banking services, NFC payment systems, ATMs/POS, medical appliances and MDM solutions. Ioannis has presented in security conferences such as Black Hat Europe, Troopers and Security Bsides. He is a co-author of Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things.
Steinberg - Stocker - Tamma
Joseph Steinberg (ad) – Joseph serves as a cybersecurity expert witness and advisor to both businesses and governments around the world. He’s recognized to be one of the top 3 cybersecurity influencers worldwide. He has authored the official study guide from which many Chief Information Security Officers (CISOs) study for their certification exams. Joseph is one of only 28 people worldwide to hold the suite of advanced information security certifications – CISSP, ISSAP, ISSMP, and CSSLP. He is also the author of Cybersecurity for Dummies.
Joe Stocker (ad) – Joe is the founder and CEO of Patriot Consulting Technology Group, LLC. Patriot is an “Elite” Microsoft Cybersecurity Partner. Prior to Patriot, Joe was a consultant, and he helped more than 300 organizations migrate securely to Office 365. In 2020, Microsoft awarded Joe the MVP award in Security, which recognizes his efforts in helping the community. Outside of work, Joe is an author, speaker, blogger and podcaster. He is the author of Securing Microsoft 365: Defending against the top Cybersecurity threats in Microsoft 365.
Rohit Tamma (ad) – Rohit is a Senior Manager in the cybersecurity field currently working with Microsoft. He has over 12 years of technical experience in the field of information security. His background spans management and leadership roles in Cyber defense, Application security and Security Engineering domains. Rohit has co-authored Practical Mobile Forensics and Learning Android Forensics, which explain various ways to perform forensics on the mobile platforms.
Tarandach - Tejeda - Velu
Izar Tarandach (ad) – Izar Tarandach is the Principal Security Architect at Squarespace. He was the Lead Product Security Architect at Autodesk and Security Architect for Enterprise Hybrid Cloud at Dell EMC. Izar is a core contributor to SAFECode and a founding contributor to the IEEE Center for Security Design. He holds a master’s degree in Computer Science / Security from Boston University. He has served as an instructor in Digital Forensics at Boston University and in Secure Development at the University of Oregon. Izar is co-author of Threat Modeling: A Practical Guide for Development Teams.
Huáscar Tejeda (ad) – Huáscar is the co-founder and CEO of F2TC Cyber Security. He is a seasoned cybersecurity professional with more than 20 years and notable achievements in IT and Telecommunications. Huáscar has developed carrier grade security solutions and business critical components for multiple broadband providers. He is a member of the SANS Latin America Advisory Group and SANS Purple Team Summit Advisory Board. He’s a contributing author of the SANS Institute’s course, SEC760: Advanced Exploit Development for Penetration Testers. Huáscar is a co-author of Gray Hat Hacking: The Ethical Hacker’s Handbook, Sixth Edition.
Vijay Kumar Velu (ad) – Vijay is an information security practitioner, author, speaker, blogger, and investor. He has more than 16 years of IT industry experience, and he is a licensed penetration tester. Vijay has specialized in providing technical solutions, ranging from simple security configuration to complex cyber risk modelling. He holds multiple security qualifications including Certified Ethical Hacker, EC-council Certified Security Analyst, and Computer Hacking Forensics Investigator. Vijay is the author of Mastering Kali Linux for Advanced Penetration Testing: Become a cybersecurity ethical hacking expert using Metasploit, Nmap, Wireshard, and Burp Suite, 4th Edition.
Woods - Woudenberg - Yu
Beau Woods (ad) – Beau is a Senior Advisor with CISA, Cyber Safety Innovation Fellow with the Atlantic Council. He is the Founder/CEO of Stratigos Security, and he sits on the board of several non-profits. He formerly served as Entrepreneur in Residence with the US FDA and Managing Principal Consultant at Dell SecureWorks. Beau has consulted with the energy, healthcare, automotive, aviation, rail, and IoT industries, cyber security researchers, US and international policy makers, and the White House. Beau is a co-author of Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things.
Jasper van Woudenberg (ad) – Jasper has been involved in embedded device security on a broad range of topics. Topics include finding and helping fix bugs in code that runs on hundreds of millions of devices. Symbolic execution to extract keys from faulted cryptosystems, and using speech recognition algorithms for side-channel trace processing. Jasper is the co-author of The Hardware Hacking Handbook: Breaking Embedded Security with Hardware Attacks.
Sounil Yu (ad) – Sounil is the CISO & Head of Research at JupiterOne. He created the Cyber Defense Matrix and the DIE Triad, which are reshaping approaches to cybersecurity. Sounil is a Board Member of the FAIR Institute, and he co-chairs Art into Science: A Conference on Defense. He previously served as the CISO-in-Residence at YL Ventures and Chief Security Scientist at Bank of America. He has over 20 granted patents, and he was recognized as one of the most influential people in security in 2020 by Security Magazine. Sounil is a co-author of Cyber Defense Matrix: The Essential Guide to Navigating the Cybersecurity Landscape.
Zegart - Zeltser
Amy B. Zegart (ad) – Amy is the Morris Arnold and Nona Jean Cox Senior Fellow at the Hoover Institution. She is also a Professor of Political Science (by courtesy) at Stanford University. Amy is Chair of Stanford’s Artificial Intelligence and International Security Steering Committee. She specializes in U.S. intelligence, emerging technologies and national security, grand strategy, and global political risk management. Amy has been featured by the National Journal as one of the ten most influential experts in intelligence reform. She is the author of Spies, Lies, and Algorithms: The History and Future of American Intelligence.
Lenny Zeltser (ad) – Lenny designs practical security solutions, and he shepherds them to a sustainable state. He used to be hands-on in cybersecurity and IT, but now he focuses on strategy and leadership. As the CISO of Axonius, Lenny leads the security program to earn customers’ trust and fuel the company’s growth. Lenny is a Faculty Fellow at SANS Institute, where he helps professionals develop malware analysis skills. He is the co-author of Malware: Fighting Malicious Code.
-An overview of common cybersecurity interview formats, including behavioral and technical interview explanations.
-Sample cybersecurity job interview questions and suggestions on how to handle the questions.
-Ideas on what kinds of questions that job seekers should ask during an interview to make sure the opportunity is a good fit.
Our mission is to create up-to-date, accurate, and actionable cybersecurity related information for students and early career professionals.
Visit CyberSecurityGuide.org at the links below for additional information.
(ad) Norman Hall’s Police Exam Preparation Book ˃ test-taking strategies ˃ practice tests ˃ full-length exams. Complete coverage of ALL test subject areas. Including ˃ basic math ˃ directional orientation ˃ grammar ˃ vocabulary ˃ spelling ˃ memory ˃ reading comprehension ˃ report writing ˃ situational judgment and reasoning.
Career Police Officer is an Amazon Associate and receives commission on qualifying purchases.