Jason Firch, MBA

Chief Executive Officer
/ Head Of Marketing

Jason Firch is a veteran digital marketer and cyber security expert with a decade of experience as well as the co-founder and CEO at PurpleSec and CMO at SecureTrust Cyber.

 

Throughout his career, Jason has developed, deployed, and evaluated successful digital, inbound, paid, social media, and content marketing initiatives that drive demand.

 

Jason holds both an MBA and BA with a focus on marketing from the Bloomsburg University of Pennsylvania.  He is a recipient of multiple sales awards and has been published in an international business journal. When he’s not hosting the “Security Beyond The Checkbox” podcast, or contributing to the PurpleSec blog, you’ll find Jason helping nonprofits with their online marketing.

 

linkedin transparent image

Recent Articles:

VULNERABILITY MANAGEMENT

How To Centralize Your Patch Management

Discover how to centralize your patch management effectively to enhance cybersecurity in your organization. Our guide explores the benefits, strategies, and tools for successful centralized patch management.

Continue Reading >

VULNERABILITY MANAGEMENT

Cloud Patch Management: Best Practices For 2023

Master cloud patch management with our comprehensive guide. Boost cybersecurity, streamline updates, and fortify your cloud environment today.

Continue Reading >

VULNERABILITY MANAGEMENT

How To Scan & Fix The Log4j Vulnerability: Detection, Remediation, & Prevention

Discover how to scan for and fix Log4j vulnerabilities, ensuring the security of your Java applications while continuing to benefit from this widely-used logging library.

Continue Reading >

VULNERABILITY MANAGEMENT

Top 10 Vulnerability Management Trends & Predictions For 2023

Discover shocking vulnerability management trends for 2023! Experts reveal predictions that’ll change the game – Stay ahead or be hacked!

Continue Reading >

VULNERABILITY MANAGEMENT

How To Improve Visibility Of Vulnerabilities: Techniques & Best Practices

Improve vulnerability visibility in networks & cloud environments with expert tips on strategies, KPIs, prioritization, & automation. Secure your assets now!

Continue Reading >

VULNERABILITY MANAGEMENT

Windows Patch Management Best Practices For 2023

Discover best practices for Windows patch management! Learn how to streamline the process, overcome challenges, and reduce cyber attacks.

Continue Reading >

VULNERABILITY MANAGEMENT

Top 9 Patch Management Challenges (Solved ✓)

Struggling to bring your patch management up to speed? Learn the key challenges along with the solutions to tackle them head on.

Continue Reading >

VULNERABILITY MANAGEMENT

What Is Vulnerability Prioritization? (& How To Do It Effectively)

Learn to effectively prioritize vulnerabilities in your organization’s cyber security efforts. Discover key factors, techniques, and examples for risk-based prioritization.

Continue Reading >

VULNERABILITY MANAGEMENT

How To Automate Your Patch Management In 2023

You can automate your patch management by selecting the right patch management tool that best suits your organization’s needs and configuring its automatic patching settings.

Continue Reading >

VULNERABILITY MANAGEMENT

What Is Patch Management?: A Complete Guide For 2023

Patch management refers to the process of identifying, acquiring, testing, and installing software updates (also known as patches) to an organization’s systems.

Continue Reading >

PENETRATION TESTING

How To Create & Implement A Penetration Testing Policy

A penetration testing policy is a set of formalized guidelines, requirements, and standard operating procedures that serve to define the overall goals, expectations, limits, and methods.

Continue Reading >

PREVENT CYBER ATTACKS

What Is A Spoofing Attack? (And How To Prevent Them)

A Spoofing attack is a means of falsifying any individual’s identity to gain unauthorized access. As a result, attackers will cause internet activity to be rerouted and overburdened or redirected acquiring system access, data theft, and malware injection.

Continue Reading >

VULNERABILITY MANAGEMENT

How To Create & Implement A Patch Management Policy

You can implement and enforce patch management policies by monitoring processes, configuring group policies, and using a patching tool such as SCCM, Satellite, or Wsus.

Continue Reading >

PREVENT CYBER ATTACKS

What Is A Backdoor Attack? (And How To Prevent Them)

A Backdoor attack is mounted on malware that negates routine authentication procedures to access a system. As a result, remote access is granted to resources within an application, such as databases and file servers.

Continue Reading >

SMALL BUSINESS

Top 10 Cyber Security Benefits For Small Business

With a properly implemented cyber security strategy, businesses can be confident that their operations can be sustained indefinitely, critical data is secure, and the risk and financial implications of cyber breach are minimized.

Continue Reading >

SOCIAL ENGINEERING

Social Engineering: What Is It And Why Is It Effective?

Social engineering relies on human behavior and the way humans think. It takes advantage of our tendencies in an attempt to get the target to make a decision they wouldn’t normally make

Continue Reading >

NETWORK SECURITY

9 Common Types Of Malware (And How To Prevent Them)

Malware, or malicious software, is any piece of software that was written with the intent of doing harm to data, devices or to people.

Continue Reading >

SECURITY STRATEGY

Red Team VS Blue Team: What’s The Difference?

Red teams attack systems and break into defenses. Blue teams maintain internal network defenses against all cyber attacks and threats.

Continue Reading >

PENETRATION TESTING

What Are The Different Types Of Penetration Testing?

The different types of penetration testing include network services, web application, client side, wireless, social engineering, and physical.

Continue Reading >

NETWORK SECURITY

Common Types Of Network Security Vulnerabilities In 2022

Malware, social engineered attacks, and more! Is your business prepared to handle the most common types of network security vulnerabilities in 2022?

Continue Reading >

SOCIAL ENGINEERING

How To Create An Email Phishing Campaign In 8 Steps

A phishing campaign is comprised of 8 steps including sending a questionnaire, crafting email templates, defining the vishing and/or smishing scenario, getting stakeholder buy in, performing the test, reporting on findings, and conducting security awareness training.

Continue Reading >

SECURITY STRATEGY

10 Cyber Security Trends You Can’t Ignore In 2021

Our team of IT security experts researched and analyzed the emerging threat landscape in 2020 to bring forward the top 10 cyber security trends in 2021.

Continue Reading >

NETWORK SECURITY

Vulnerability Scanning VS Penetration Testing

Vulnerability scanning identifies vulnerabilities within systems on a network. Penetration testing simulates an attack to exploit vulnerabilities.

Continue Reading >

SMALL BUSINESS

5 Proven Network Security Tips For Small Business

Want to prevent financial loss or legal liability from cyber attacks? Follow these 5 steps to protect your network from attacks.

Continue Reading >

SECURITY STRATEGY

14 Essential Network Security Policies Templates You Need

A network security policy is a set of standardized practices and procedures that outlines rules network access, the architecture of the network, and security environments, as well as determines how policies are enforced.

Continue Reading >

NETWORK SECURITY

How To Prevent Ransomware Attacks: An Expert Guide

You can mitigate or prevent ransomware attack by implementing user education and training, automating backups, minimizing attack surfaces, having an incident response plan, installing endpoint monitoring and protection across your fleet, and purchasing ransomware insurance.

Continue Reading >

SECURITY STRATEGY

SIEM VS IDS: What’s The Difference?

The main difference between a SIEM and IDS is that SIEM tools allow the user to take preventive action against cyber attacks whereas an IDS only detects and reports events.

Continue Reading >

SECURITY STRATEGY

CMMC VS NIST 800-171 (And How You Can Prepare)

CMMC stands for the Cybersecurity Maturity Model Certification. The CMMC will encompass multiple maturity levels that range from Level 1: Basic Cyber Hygiene to Level 5: Advanced / Progressive.

Continue Reading >

CYBER ATTACKS

How To Prevent A Distributed Denial Of Service (DDoS) Attack

You can prevent a distributed denial of service attack by: Developing a denial of service response plan, Securing your network infrastructure, Filtering routers at the edge of your network to spot and dro DDoS connections, Blackholing the site that is being DDoS’d, thereby directing all traffic to an invalid address.

Continue Reading >

CYBER ATTACKS

How To Prevent A Buffer Overflow Attack

You can prevent a buffer overflow attack by auditing code, providing training, using compiler tools, using safe functions, patching web and application servers, and scanning applications.

Continue Reading >

CYBER ATTACKS

How To Prevent A ICMP Flood Attack

You can prevent ping attacks by configuring your firewall, adding filters to your router, looking at spoofed packets, monitoring traffic patterns, scanning your network.

Continue Reading >

CYBER ATTACKS

How To Prevent A SYN Flood Attack

You can SYN flood attacks by installing an IPS, configuring your firewall, installing up to date networking equipment, and installing commercial monitoring tools.

Continue Reading >

CYBER ATTACKS

How To Prevent A Domain Name Server (DNS) Amplification attack

You can prevent a DNS amplification attack by Implementing Source IP Verification on a network device, Disabling Recursion on Authoritative Name Servers, Limiting Recursion to Authorized Clients, and Implementing Response Rate Limiting (RRL) setting on DNS Server.

Continue Reading >

Jason Firch MBA - cyber security expert

Jason Firch

CEO / CMO

Michael Swanagan

Michael Swanagan

Technical Editor-In-Chief

Dalibor Gašić - cyber security expert

Dalibor Gašić

Head Of Security Research

Dušan Trojanović - cyber security expert

Dušan Trojanović

Senior Security Researcher

Eva Georgieva - cyber security expert

Eva Georgieva

Senior Security Researcher

Kenneth Thomas - cyber security expert

Kenneth Thomas

Senior Security Researcher

Liam Smith - cyber security expert

Liam Smith

Security Researcher

Eryk Waligora - cyber security expert

Eryk Waligora

Technical Writer

Strahinja Stankovic - cyber security expert

Strahinja Stankovic

Technical Writer