EXPERIENCE
Phil started his career in IT over 15 years ago as a software engineer customizing Customer Relationship Management (CRM) and accounting systems. He then moved into IT operations, focusing on writing custom integrations and automating systems administration. After that, he spent several years in IT technical leadership positions building security practices into IT operations. He eventually brought that security mindedness into a Managed Services Provider (MSP), where he could make a larger impact on the security of SMBs, eventually leading to full-time security consulting work. Phil’s diverse skills range from networking and coding to IT operations and leadership, giving him the holistic view needed to solve the security challenges facing businesses today.
EDUCATION & CERTIFICATIONS
- ITIL Foundation
- Certified Information Systems Security Professional (CISSP)
- CompTIA Advanced Security Practitioner (CASP)
- GIAC Network Forensic Analyst (GNFA)
PROFESSIONAL AFFILIATIONS
- ISC2
- West Michigan Cyber Security Consortium
- Information Systems Security Association
INDUSTRY CONTRIBUTIONS
Phil volunteers as an incident responder for Michigan Cyber Civilian Corps (MiC3)
PASSION FOR SECURITY
Phil’s passion for security started during his time with a youth travel organization in which protecting information about children was his top priority. That passion has grown to include all forms of privacy concerns. For personal projects, Phil enjoys playing with detection and attack tools in a home lab and writing open source integration tools.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Windows LAPS: Closing a Gap for Cloud-Native Device Management
Enables Azure AD integrated, built-in Local Administrator Password Solution (LAPS) in Windows 10 and 11, controlling privileged access with Intune.
Who’s Winning the Red vs. Blue Team Arms Race
Experts Adam Compton, Phil Rowland, and Scott Nusbaum discuss the Red vs. Blue team arms race, sharing insights on the past, current, and future of…
Adding Value to a Traditional Penetration Test
Leaders from TrustedSec's Advisory, Remediation, and Incident Response teams discuss how to optimize penetration testing, revealing common security challenges,…
Data Loss Prevention in a Remote-Work World
Maximize Microsoft Office 365 data protection and prevent confidential data leaks with expert guidance from Remediation Security Consultants Phil Rowland and…
Advancing Office 365 Security: Troubleshooting Conditional Access Policies and Gaining Insights into Azure AD
Python 2.x/3.x Remote Code Execution in socket.recvfrom_into() based on PoC from @sha0coder, a potentially dangerous vulnerability in Python's socket module,…
Azure Automation - Getting Started With Desired State Configurations
Compiling and Assigning DSC configurations for endpoint configuration management in Azure, ensuring secure and automated workflows with PowerShell scripts and…
Addressing Endpoint Challenges of a (Suddenly) Remote Workforce with Azure
Learn how to automate endpoint hygiene and simplify security with cloud-based configuration management in this practical webinar featuring Paul Sems and Phil…
PCI DSS Payment Card Data Retention
The Payment Card Industry Data Security Standard (PCI DSS) applies to and has specific requirements for retention of Account Data. In general, organizations…
Trimarc Joins TrustedSec: Strengthening Our Commitment to Security
Play We’re excited to share some big news: Trimarc Security is now fully operating under TrustedSec! This marks a significant step forward in our mission to…
Are Attackers "Passing Through" Your Azure App Proxy?
TL;DR - Azure app proxy pre-authentication set to Passthrough may unintentionally expose private network resources.Microsoft’s Azure app proxy allows for…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
