April C Wright

Information protection, security awareness, and personal privacy are my passion, and I love to teach others how to implement simple actions that can lead to a safer world.

Being a Hacker for the greater good represents a lifestyle, a community, and a career for me.

I focus on “proactive security” through people and process. Through an integrated preventative approach, my goals are to:


  • Ensure privacy is considered and protected for all sensitive data
  • Inform and educate users, executives, developers and other key stakeholders
  • Advocate testing that simulates attack to fix problems before a real attack can occur
  • Prepare an organization to pragmatically exceed GRC (governance, risk and compliance)
  • Architect and design enterprise environments that are easier to monitor and operate, is more resilient, as well as capable of preventing, detecting, and withstanding attack
  • Ensure developers, coders, engineers and architects are an integral part of the Security team
  • Create and improve SDLC (software development life cycle) and other business efforts, leading to more secure and compliance-ready software
  • Build a safer physical and digital workplace with advanced awareness of how humans affect security, via social engineering attacks and/or insider threats

My Bio:

April C. Wright is a hacker, author, teacher, and community leader who has been breaking, making, fixing and defending the security of global critical cyber assets for over 25 years. She is an international speaker and trainer, educating and advising on matters of privacy and information security with the goal of safeguarding the digital components we rely on every day. April has held roles on defensive, operational, adversarial, and development teams throughout her career and is currently a Senior Application Security Architect. Her book, “Fixing An Insecure Software Life Cycle” was published through O’Reilly. She is an occasional co-host for the SecurityWeekly family of webcasts, and has spoken at, helped plan, and contributed to numerous worldwide security conferences. She has presented for government and industry organizations such as OWASP and ISSA. April Is the DEF CON Groups Global Coordinator, and in 2017 she co-founded the local Boston local group, “DC617”. She volunteers and supports a number of organizations, such as (ISC)2, EFF.. April has been assaulted by a lion cub, almost died in Dracula’s “secret staircase” in Romania, and once read in The Onion that researchers at the University of North Carolina released a comprehensive report in 2014 confirming her status as the “most significant and interesting person currently inhabiting the earth”, and that last one was on ‘teh internet’ so it must be true.

Industry certifications:

  • Certified Master’s Level Social Engineer
  • CISSP (Certified Information Systems Security Professional)
  • CSSLP (Certified Secure Software Lifecycle Professional)
  • CCSP (Certified Cloud Security Professional)
  • SSCP (Systems Security Certified Practitioner)
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager) (NEW)
  • CCSK (Certificate of Cloud Security Knowledge)
  • CDPSE (Certified Data Privacy Solutions Engineer)

  • ITIL version 3 Fundamentals
  • QualysGuard Certified Specialist
  • Qualys Vulnerability Management
  • FedRAMP System Security Plan (SSP) 200-A
  • Oracle Certified Security Administrator
  • Oracle Certified Network Administrator
  • Oracle Certified Systems Administrator
  • CompTIA Network+
  • CompTIA Security+
  • Infra CMDB Certified Developer – EMC
  • Microsoft Certified Professional (MCP)