Skip to Main Content

Phil Rowland

Practice Lead, Remediation Services

EXPERIENCE
Phil started his career in IT over 15 years ago as a software engineer customizing Customer Relationship Management (CRM) and accounting systems. He then moved into IT operations, focusing on writing custom integrations and automating systems administration. After that, he spent several years in IT technical leadership positions building security practices into IT operations. He eventually brought that security mindedness into a Managed Services Provider (MSP), where he could make a larger impact on the security of SMBs, eventually leading to full-time security consulting work. Phil’s diverse skills range from networking and coding to IT operations and leadership, giving him the holistic view needed to solve the security challenges facing businesses today.

EDUCATION & CERTIFICATIONS

  • ITIL Foundation
  • Certified Information Systems Security Professional (CISSP)
  • CompTIA Advanced Security Practitioner (CASP)
  • GIAC Network Forensic Analyst (GNFA)

PROFESSIONAL AFFILIATIONS

  • ISC2
  • West Michigan Cyber Security Consortium
  • Information Systems Security Association

INDUSTRY CONTRIBUTIONS
Phil volunteers as an incident responder for Michigan Cyber Civilian Corps (MiC3)

PASSION FOR SECURITY
Phil’s passion for security started during his time with a youth travel organization in which protecting information about children was his top priority. That passion has grown to include all forms of privacy concerns. For personal projects, Phil enjoys playing with detection and attack tools in a home lab and writing open source integration tools.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog May 09 2023

Windows LAPS: Closing a Gap for Cloud-Native Device Management

1 TLDR; Microsoft is releasing an Azure AD integrated, built-in LAPS agent to Windows 10 and Windows 11 that can be controlled by Intune. 1.1   Problem…

Read about this article
Webinars March 08 2023

Who’s Winning the Red vs. Blue Team Arms Race

Join experts Adam Compton—Principal Penetration Testing Consultant, Phil Rowland—Remediation Practice Lead, and Scott Nusbaum—Principal Advanced Research…

Read about this article
Webinars July 27 2022

Adding Value to a Traditional Penetration Test

Join leaders from TrustedSec’s Advisory, Remediation, and Incident Response teams as they discuss where many programs go wrong, the consequences, and how to…

Read about this article
Webinars April 21 2021

Data Loss Prevention in a Remote-Work World

Join Remediation Security Consultants Phil Rowland and Mike Owens for insights on this important but misunderstood Office 365 feature.

Read about this article
Webinars August 05 2020

Advancing Office 365 Security: Troubleshooting Conditional Access Policies and Gaining Insights into Azure AD

Join Remediation and Optimization Managing Director Paul Sems and Security Consultant Phil Rowland who will walk through some of the challenges, options, and…

Read about this article
Blog July 21 2020

Azure Automation - Getting Started With Desired State Configurations

Azure brings a lot of new tools and capabilities to the IT and Information Security toolbox. In fact, there are so many features that it can be overwhelming…

Read about this article
Webinars May 20 2020

Addressing Endpoint Challenges of a (Suddenly) Remote Workforce with Azure

Join TrustedSec Practice Lead Paul Sems and Security Consultant Phil Rowland as they impart their knowledge and experiences converting existing Group Policy to…

Read about this article
Blog December 03 2024

Discovering a Deserialization Vulnerability in LINQPad

Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…

Read about this article
Blog November 21 2024

A 5-Minute Guide to HTTP Response Codes

If you've done any network scanning or application testing, you've run into your fair share of HTTP response codes. If not, these codes will show up in most…

Read about this article
Blog November 14 2024

Attacking JWT with Self-Signed Claims

JSON Web Tokens (JWTs) are a widely used format for applications and APIs to pass authorization information. These tokens often use a JSON Web Signature (JWS)…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.