Certifications

###Certifications/Experience###
Items are grouped as follows:
- bullet point
^ sub item(s) of bullet point

-10+ years focusing/real world experience in hacking/cybersecurity

-Network Security and Infrastructure
^In-depth knowledge of network architectures, including cloud, hybrid, and on-premises solutions, with a focus on securing scalable and dynamic environments.
^Expertise in implementing network segmentation, access control lists (ACLs), and secure VPN configurations to protect sensitive data and maintain privacy.
^Experience in configuring and managing firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS) to monitor and respond to potential threats.
^Working with both military and civilian IT systems I get a great idea of what the bad guys are after and can implement mitigations for weakness as needed.
^Experience working in local IT with CBT Carmichael Business Technology for little over a year. Who I refer clients to who need Help Desk needs as my first and only choice as they "CBT" are the standard when it comes to everyday IT needs.
^Prior to this helping local home users under Mr. Robot IT non-professionally.
^Currently monitor and maintain security/logging mechanisms for my infrastructure/servers as well as my clients in an efficient manner.

-Wireless/Radio Network Security
^Understanding and implementing security for WEP, WPA/WPA2, WPA3 including encryption types TKIP+AES, etc.
^Experience with DOS/password/phishing attacks on wireless networks (real-life success/practical applications).
^Proficiency in tools and techniques for RF analysis and security, capable of operating in frequencies from 1 MHz to 6 GHz, including the use of devices like Flipper Zero and HackRF for penetration testing and security assessments.
^Successfully used these tools from everything benign as Christmas lights to broadcasting pirate FM radio stations or stealing a car's key unlock *rolling codes good mitigation, not bulletproof though!*

-3+ years Military Network Environments Experience
^Cyber Center of Excellence ~ DISTINGUISHED GRADUATE (top of my class)~
^Awards from and praise from many others; 
^And much more to help protect you and or your business!

-BugBounty Hunting for Fortune 500 companies
^I have extensive experience auditing Source Code, Web Apps, Desktop Apps, Networks and more for these major companies
^Some examples of target's I've helped secure are on services that you most likely have used so your already benefiting from my services to you!
^Some information is confidential and only pulling from a public viewing perspective not all companies I've helped can be named due to Non-Disclosure Agreement's and/or Private programs not revealed to public.
^I've helped Hilton secure vulnerabilities check HERE for csv showing an example scope being tested for a company and been awarded HIGH impact vulnerability bugs by said company.
^And more!

-Compliance Standards, Knowledge / Experience implementing, enforcing, and auditing  protect business's and end user credit card data or user data
^A quick summary of some compliance standards we can help you enforce or ensure your REALLY covered and compliant are as follows:
^PCI DSS (Payment Card Industry Data Security Standard): For organizations that handle credit card information, ensuring the security of cardholder data.

^HIPAA (Health Insurance Portability and Accountability Act): For healthcare organizations in the U.S., focusing on the protection of patient health information.
^GDPR (General Data Protection Regulation): For organizations operating within the EU or dealing with the data of EU citizens, emphasizing data protection and privacy.

^NIST (National Institute of Standards and Technology) Frameworks: Including the NIST SP 800-53 for federal information systems and organizations and the Cybersecurity Framework for improving critical infrastructure cybersecurity.

^TSC (Trust Services Criteria): Particularly relevant for SOC 2 reporting, focusing on security, availability, processing integrity, confidentiality, and privacy of customer data.
^Getting covered under these and certified can show your strength as a business and your robust/modern security against the cyber world!

-I have extended knowledge on DDOS/DOS and mitigations (see below)
^L1 *cutting cables/target critical infrastructure* Brief Ex Mitigations: security cages for network equipment, enhanced physical security measures, surveillance systems, secured storage facilities, etc.
^L2 *Mac attacks* Brief Ex Mitigations: MAC filtering, port security, dynamic ARP inspection, etc.
^L3 *ICMP attacks / Fragmentation Attacks* Brief Ex Mitigations: Geographic IP Blocking, rate limiting ICMP messages, ingress filtering, and more tailored strategies.
^L4 *SYN Floods, UDP Floods* Brief Ex Mitigations: SYN cookies, rate limiting, UDP traffic analysis and filtering, advanced firewall configurations.
^L7 *HTTP GET/HEAD/POST/PUT, web application layer bugs, over/underflows in web apps* Brief Ex Mitigations: Deployment of CDN's, WAF's, application rate limiting, input validation, and session management enhancements.
^Experience with REAL Botnet C2's and DDOS buy-as-service's and seen its impact on business as well as end clients specifically streamers!

Ongoing Professional Development in Cybersecurity
^Actively engaged in preparing for the Offensive Security Certified Professional (OSCP) exam, demonstrating a hands-on approach to cybersecurity skills.
^Currently studying for the Burp Suite Certified Professional (BSCP) examination, with a focus on mastering web application security testing techniques. Which I'm already #32 in the entire world(check the hall of fame!->https://portswigger.net/web-security/hall-of-fame) in the world on pioneering AI hacking discovering 0 Days in LLM's.
^24/7 cybersecurity feeds updates be it X, Youtube, Linkedin, or other platforms. So I'm always in the know, let alone our own Threat intel server's so we stay informed to say the least.
^Books I'm always reading on new methods and detection methods to catch the bad guys and stay ahead of them.

Lets work together and make the internet a safe and welcome place!

WE can take the power back! - James Doll, CEO