Information protection, security awareness, and personal privacy are my passion, and I love to teach others how to implement simple actions that can lead to a safer world.

Being a Hacker for the greater good represents a lifestyle, a community, and a career for me.

I focus on “proactive security” through people and process. Through an integrated preventative approach, my goals are to:

 

  • Educate users, executives, developers, and other key stakeholders
  • Create and improve SDLC (software development life cycle) and other business efforts, leading to more secure and compliance-ready software
  • Architect and design software that is easier to monitor and operate, and which be more resilient, capable of preventing, detecting, and withstanding attack
  • Build a safer physical and digital workplace with advanced awareness of social engineering attacks
  • Help the business understand software and process risk, so risks can be treated appropriately
  • Advocate testing that simulates attack to fix problems before a real attack can occur
  • Prepare an organization to pragmatically exceed GRC (governance, risk, and compliance) requirements
  • Ensure privacy is considered and protected for all sensitive data

My Bio:

April C. Wright is a hacker, author, teacher, and community leader who has been breaking, making, fixing, and defending the security of global critical communications and connections for over 25 years. She is an international speaker and trainer, educating and advising on matters of privacy and information security with the goal of safeguarding the digital components we rely on every day. April has held roles on defensive, operational, adversarial, and development teams throughout her career and is currently a Senior Application Security Architect. Her book, “Fixing An Insecure Software Life Cycle” was published through O’Reilly, and she is currently writing a new book to be published by No Starch Press. She is a co-host for the SecurityWeekly family of webcasts. April has spoken and contributed to numerous worldwide security conferences (often during repeat appearances), including BlackHat on three continents, DEF CON on two continents, DerbyCon, GRRcon, Layer 8, Hack in Paris, DefCamp Romania, ITWeb South Africa. She has also presented for the US Government and industry organizations such as OWASP and ISSA. She has started multiple small businesses including a non-profit and a photography studio. April currently handles communications for the Official DEF CON Groups global community outreach, and in 2017 she co-founded the local Boston meetup “DC617”. April has collected dozens of certifications to add capital letters at the end of her name, almost died in Dracula’s secret staircase, and once read on The Onion that researchers at the University of North Carolina released a comprehensive report in 2014 confirming her status as the “most significant and interesting person currently inhabiting the earth”, and it was on ‘teh internet’ so it must be true.

Industry certifications:

  • Certified Master’s Level Social Engineer
  • CISSP (Certified Information Systems Security Professional)
  • CSSLP (Certified Secure Software Lifecycle Professional)
  • CCSP (Certified Cloud Security Professional)
  • SSCP (Systems Security Certified Practitioner)
  • CISA (Certified Information Systems Auditor)
  • CCSK (Certificate of Cloud Security Knowledge)
  • ITIL version 3 Fundamentals
  • QualysGuard Certified Specialist
  • Qualys Vulnerability Management
  • FedRAMP System Security Plan (SSP) 200-A
  • Oracle Certified Security Administrator
  • Oracle Certified Network Administrator
  • Oracle Certified Systems Administrator
  • CompTIA Network+
  • CompTIA Security+
  • Infra CMDB Certified Developer – EMC
  • Microsoft Certified Professional (MCP)