Bruce Marshall

Bruce Marshall Email and Phone Number

Senior Information Security Consultant @
Bruce Marshall's Location
Wichita, Kansas, United States, United States
Bruce Marshall's Contact Details

Bruce Marshall work email

Bruce Marshall personal email

About Bruce Marshall

Presented on the following topics:- "Proactive Password Leak Processing" at PasswordsCon 16 / BSidesLV- "How Secure Are Multi-Word Random Passphrases"​ at PasswordsCon 15 / BSidesLV- "How Forced Password Expiration Affects Password Choice"​ at PasswordsCon 14 / BSidesLV- "A Review of Real World Security Questions & Answers"​ at PasswordsCon 13- "Avoiding Poor Challenge Question Authentication"​ at OWASP KC meeting 2007- "2007 Security Threatscape"​ at ITEC Kansas City in 2006- "Combating Common Web Application Authentication Threats"​ and "Evaluating Alternatives to Passwords"​ at NEbraskaCERT 2005- "Evaluating Authentication Solutions"​ at WebSec 2004- "The Realities of Windows 2000 Security"​, "Windows 2000 Authentication"​, and facilitated the Telecommunications Birds of a Feather session with George Dolicker at InfoSec World 2001- "Windows 2000 Encrypting File System (EFS)"​ and facilitated the Windows 2000 Security Birds of a Feather conference session at SANS Baltimore 2001 - "Authentication Solutions Besides PKI"​ and "Planning Active Directory Security in Windows 2000"​ at the Annual Conference & Expo on Control and Audit of Information Technology- "Reusable Passwords and Authentication Alternatives" at Black Hat 1998- Presented, and facilitated round table discussions, at ISSA chapter meeting around the country on the topics of authentication, Windows security, VPNs, and passwords- Created and delivered online web seminars at INS/Lucent and Security PS on various security topics and service offeringsParticipated in these organizations:- Former Chapter Leader, OWASP Kansas City chapter- Former Vice President, ISSA Kansas City chapter- Former Vice President, AITP Wichita chapterCompleted certifications: CISSP, NSA-IAM, CISA, MCSE: Security, SPI Certified Instructor (WebInspect), Security+, CCDA, CCNA, LCTE +Internetworking

Bruce Marshall's Current Company Details
PasswordResearch.com

Passwordresearch.Com

Senior Information Security Consultant
Bruce Marshall Work Experience Details
  • Passwordresearch.Com
    Founder
    Passwordresearch.Com 2002 - Present
    Kansas City, Missouri Area
    I created this site to consolidate the important information for dealing with password and authentication risks. I seek out and collect the research of security professionals and academics discussing practices for authentication system management. Over the past decades I have expanded this library to over a thousand papers and studies. My goal is to promote better use of the existing body of knowledge as well as encourage new collaborations between those in the academic and commercial circles.I have also conducted my own research on passwords and related authentication practices, the results of which I publish on the site and regularly discuss at security conferences. My expert commentary has been featured in articles by news organizations like BBC News, The Wall Street Journal, New York Post, Infosecurity Magazine, and Ars Technica,
  • Commerce Bancshares, Inc
    Security Analyst Iv
    Commerce Bancshares, Inc Sep 2008 - Apr 2018
    Managed the web application security program for the bank, which involved identifying gaps between our program standards and regulatory / industry practices, improving our assessment methodologies, and documenting procedures. Created custom reports to communicate vulnerability findings with in-house developers or outside vendors, and to track issues to their resolution. Balanced business objectives with security goals.Performed manual penetration testing and automated scanning of 100+ customer-facing and internal web apps (primarily Java, C#, or JavaScript based), web services, open source projects, and some infrastructure components. Reviewed vulnerability assessment reports from tools and from third-party consultants to determine their accuracy, risk rating, and our remediation plan.Represented IT Security in application and infrastructure projects. Provided task scoping and process feedback to project teams. Documented, tracked, and communicated risks to IT and business units. Evaluated vendor security program maturity and product design.Collaborated with software development teams, which included delivering an annual secure development course and hosting quarterly secure development roundtables to discuss app vulnerabilities, internal standard changes, and Secure SDLC process integration. Also trained IT Security dept staff on web application security fundamentals, processes, and tool use.
    View
  • Security Ps
    Director Of Network Security Services
    Security Ps Jan 2004 - Jun 2008
    Kansas City, Missouri Area
    Performed security consulting services for clients, primarily in the financial industry. These projects included network vulnerability assessments, penetration tests, gap analysis, web application security assessments, incident response, and policy development. I managed these projects, wrote technical reports, and presented the findings to IT and executive management.Directed the network security services practice by creating new company service offerings to meet changing industry demands (PCI DSS, FFIEC guidelines, etc.) and developing the methodologies to deliver them. Managed other consultants on client projects. Supported business development with sales meetings, project scoping, and proposal creation. Started the Security PS blog and wrote technical content for it.Created and taught several day-long or multi-day information security training courses for clients, which covered subjects such as Windows & Active Directory security, web application security, information security fundamentals, and WebInspect. Presented at conferences, chapter meetings, and webcasts. Provided security subject matter expertise to Microsoft in the creation of their own course and certification exam content.
    View
  • International Network Services (Ins)
    Principal Consultant
    International Network Services (Ins) Aug 2002 - Jan 2004
    Kansas City, Missouri Area
    Continued work mentioned below as INS was spun off as independent company from Lucent Technologies.
    View
  • Lucent Technologies
    Distinguished Member Of Consulting Staff
    Lucent Technologies Sep 1999 - Jul 2002
    Kansas City, Missouri Area
    Provided security, networking, and Windows consulting services to clients such asSprint, Conoco-Phillips, Radio Shack, and American Express. Worked on high profile projects and solved problems related to Cisco routing/switching equipment & protocols, Windows 2000 / XP / .NET Servers & Active Directory, Public Key Infrastructures (PKI), authentication protocols & practices, and IP network optimization. Managed these projects, wrote both technical and summary reports, and presented the findings in person to IT and executive management.Developed and facilitated technical training for customers and peers, improved our consulting project methodologies, and supported business development efforts. Presented on technical topics at national conferences, seminars, and webcasts.Led fellow consultants through formal and informal mentoring, technical practice management, and client project management. Represented the consulting staff in company leadership meetings and projects (such as technical bio template creation).
    View
  • International Network Services
    Senior Consultant
    International Network Services Jul 1999 - Sep 1999
    Kansas City, Missouri Area
    I consulted with clients on topics of information security, internetworking, and Microsoft technologies. INS was acquired by Lucent Technologies where I've documented my accomplishments and responsibilities.
    View

Bruce Marshall Skills

Ccna Ccda Cisa Penetration Testing Vulnerability Management Cissp Security+ Information Security Management Vulnerability Assessment Application Security Network Security Active Directory Computer Security Information Security Pki Security Web Application Security Vpn Windows Server Pci Dss Security Audits Security Architecture Design Information Technology Ids Ips Firewalls Iso 27001 Security Awareness Identity Management Network Architecture Risk Management Owasp Encryption Data Security Security Policy It Audit Enterprise Risk Management

Frequently Asked Questions about Bruce Marshall

What company does Bruce Marshall work for?

Bruce Marshall works for Passwordresearch.com

What is Bruce Marshall's role at the current company?

Bruce Marshall's current role is Senior Information Security Consultant.

What is Bruce Marshall's email address?

Bruce Marshall's email address is br****@****ank.com

What is Bruce Marshall's direct phone number?

Bruce Marshall's direct phone number is +181676*****

What skills is Bruce Marshall known for?

Bruce Marshall has skills like Ccna, Ccda, Cisa, Penetration Testing, Vulnerability Management, Cissp, Security+, Information Security Management, Vulnerability Assessment, Application Security, Network Security, Active Directory.

Not the Bruce Marshall you were looking for?

View similar profiles

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.