911Cyber

341 posts

@911Cyber_

Get help from cybersecurity first responders at https://t.co/VwdfbZGIbu

New York · Joined August 2022
82 Following · 48 Followers
911Cyber@911Cyber_·
What most people picture when they think about cybersecurity
Dark rooms
Lots of screens
Responding to alerts

But real security is not only about reacting. Threat hunting means looking for suspicious activity before an attack becomes a breach.

In this clip, Teresa explains why proactive defense is becoming a key part of modern cybersecurity.

🎙 Teresa
🎧 Conversation with Prapti and Sofia

#cybersecurity #threathunting #infosec #socanalyst #blueteam #cyberdefense #securityoperations #cyberawareness
911Cyber@911Cyber_·
🧠 Humans of Cyber | David Adrian Modern cybersecurity research increasingly relies on large scale internet measurement. One open source platform that has helped researchers study the global internet is Censys, co-created by David Adrian, a computer scientist and security researcher known for his work in internet scale scanning and cryptographic security. Adrian helped develop Censys in 2015 while conducting research at the University of Michigan. The goal was to build a platform capable of continuously scanning the public internet and indexing exposed services, certificates, and protocols. Security researchers needed a structured way to analyze how systems were configured across the global network, particularly when studying vulnerabilities and cryptographic deployments. Technically, Censys collects internet wide scan data using large scale scanning infrastructure. The platform identifies services running on publicly reachable hosts and records metadata about those services, such as TLS certificates, protocol versions, and exposed ports. This data is indexed and made searchable through APIs and query interfaces that allow researchers to analyze global infrastructure patterns. Because the platform captures detailed information about internet facing systems, it has become an important resource for vulnerability research, threat intelligence, and academic studies. Security teams use it to understand attack surface exposure, track vulnerable services, and monitor how quickly organizations patch critical security flaws. The platform’s open datasets and research publications have contributed to several major studies on internet security, including analyses of TLS deployments, cryptographic weaknesses, and large scale infrastructure misconfigurations. Today the project continues to support security researchers, defenders, and academics who need visibility into how services are deployed across the public internet. 
A question for the community
How useful are internet wide scanning platforms when identifying emerging security risks across global infrastructure?

#CyberSecurity #ThreatIntelligence #InternetSecurity #OpenSourceSecurity #Attack
911Cyber@911Cyber_·
🧠 Humans of Cyber | Sameer Al-Sakran and Allen Gilliland Metabase is an open source business intelligence platform founded in November 2014 by Sameer Al-Sakran and Allen Gilliland, with early development incubated at Expa, the startup studio founded by Garrett Camp. It was created to reduce the friction between complex data warehouses and non-technical stakeholders by providing a web-based interface for querying and visualizing data. The goal was to make data exploration as accessible as a spreadsheet while retaining the power of modern databases. Instead of centralizing analytics within data teams, Metabase enables product, finance, marketing, and security teams to explore structured data directly. Metabase is built primarily in Clojure on the Java Virtual Machine, with a React and TypeScript frontend. Its Query Builder translates user actions into an intermediate query layer that compiles into native SQL, while advanced users can write direct SQL in the Native Query Editor. It connects directly to databases and cloud warehouses, leaving business data in source systems and storing only metadata in a separate application database. A driver-based architecture enables support for multiple databases, and background sync and scan processes map schemas to power the no-code interface. Models and Metrics standardize definitions to reduce reporting inconsistencies, while dashboards and collections support collaboration. The open source edition is licensed under the GNU Affero General Public License version 3. Organizations can deploy it as a self-hosted application or through managed cloud options with regional hosting. As of 2026, Metabase remains an actively maintained analytics platform used across startups, enterprises, and regulated industries. How is your organization ensuring data access without compromising governance and control? #HumansOfCyber #OpenSource #Metabase #DataAnalytics #BusinessIntelligence #SecurityMetrics #DevOps #DataEngineering
911Cyber@911Cyber_·
🧠 Humans of Cyber | Andy Wick. Modern threat investigations often require deep visibility into network traffic. Security teams frequently need the ability to search historical packet data and reconstruct how an attacker moved through an environment. One open source project designed for this purpose is Arkime, created by Andy Wick. Wick first developed the project in 2012 while working at AOL to address a common challenge in large networks. Packet capture systems could store traffic, but searching through that data quickly during an investigation was difficult. The goal was to build a platform that could capture packets continuously while allowing analysts to search network sessions in near real time. Technically, Arkime is a large scale packet capture and indexing system. Network sensors record full packet data while extracting metadata about each session. This metadata is indexed and made searchable through distributed databases. Early versions relied on Elasticsearch, and modern deployments fully support OpenSearch, which is commonly used today for indexing and query performance. The architecture separates packet capture from analysis components. Capture nodes record traffic and store packet data locally, while the viewer interface allows investigators to search session metadata across distributed sensors. Analysts can query sessions using attributes such as IP addresses, protocols, ports, domain names, or time ranges. When a relevant session is found, the full packet capture can be reconstructed for deeper analysis. The project was originally released under the name Moloch, but it was renamed Arkime in 2021. The name references Archimedes, the observant owl from the Merlin stories, which also inspired the project's mascot. Around the same time, the codebase moved to its own dedicated GitHub organization arkime/arkime, helping the project evolve as an independent open source community effort. 
Today Arkime is widely used by security operations teams, network defenders, and incident responders who need long term visibility into network activity. The ability to search historical packet captures allows investigators to revisit traffic when new indicators of compromise appear, making it a valuable capability during threat hunting and forensic analysis. A question for the community How does full packet capture change the way your team investigates incidents compared with flow based monitoring alone? #CyberSecurity #NetworkSecurity #ThreatHunting #DFIR #PacketAnalysis #OpenSourceSecurity #BlueTeam #InfosecCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber | Greg Anderson OWASP DefectDojo is an open source vulnerability management and orchestration platform created by Greg Anderson to help security teams centralize, triage, and track findings across application and infrastructure testing tools. It was developed to address the fragmentation that occurs when scan results from static analysis, dynamic testing, container scanning, and penetration tests are stored in separate systems without consistent workflow management. Greg Anderson is publicly associated with the creation and early development of DefectDojo within the OWASP ecosystem. The project was built to provide a structured way to aggregate vulnerabilities, deduplicate findings, assign ownership, and measure remediation progress across engineering teams. At a technical level, DefectDojo is a Django-based web application backed by a relational database. It ingests results from numerous security tools through import parsers and APIs, normalizes findings into a consistent data model, and supports role-based access control for triage and remediation workflows. The platform provides dashboards, metrics, risk scoring, and reporting features that allow organizations to track trends over time and integrate vulnerability management into CI CD pipelines. DefectDojo is widely used in DevSecOps programs, application security teams, consulting environments, and internal security operations functions where multiple scanners and manual testing outputs need centralized coordination. It integrates with issue tracking systems and automation pipelines to streamline remediation tracking. The project is licensed under the BSD 3-Clause License and is governed within the OWASP Foundation framework, with public contribution guidelines and community maintainers. As of 2026, OWASP DefectDojo remains an actively maintained open source vulnerability management platform. 
How is your organization consolidating vulnerability data to reduce duplication and improve remediation accountability? #HumansOfCyber #OpenSource #OWASP #DefectDojo #DevSecOps #VulnerabilityManagement #AppSec #SecurityEngineering
911Cyber@911Cyber_·
🧠 Humans of Cyber | Brendan Dolan-Gavitt Advanced malware analysis often requires more than static inspection. It demands the ability to replay execution and observe system behavior at instruction-level detail. That capability is central to PANDA, an open source dynamic analysis platform designed for whole-system record and replay. PANDA was created by Brendan Dolan-Gavitt as a research platform built on QEMU. Its design enables analysts to record complete system executions and replay them deterministically, allowing detailed forensic inspection of program behavior. Unlike traditional sandboxes that focus only on high-level activity, PANDA provides instruction-level replay and supports dynamic taint analysis, system call tracing, and plugin-based instrumentation. This allows researchers and defenders to trace how data flows through a system and understand how exploits unfold over time. The platform has been widely used in academic research, vulnerability analysis, and malware investigation. It remains open source and actively maintained within the research community as of 2026. Brendan Dolan-Gavitt continues to be publicly associated with security research and dynamic analysis, and PANDA remains a reference platform for advanced behavioral analysis and reproducible experimentation. Open question When investigating sophisticated malware, what provides more clarity. Static code review or deterministic runtime replay. #HumansOfCyber #OpenSource #MalwareAnalysis #DFIR #PANDA #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber | Toni de la Fuente Prowler is an open source cloud security assessment tool created in 2016 by Toni de la Fuente. It started as an AWS security auditing utility and evolved into a multi-cloud assessment platform used by security, compliance, and DevOps teams to continuously evaluate cloud environments against established control frameworks. Toni de la Fuente is the original author and continues to be publicly associated with its development and direction. The project was built to provide a practical, automated way to validate cloud configurations against structured baselines such as CIS Benchmarks, NIST guidance, PCI-DSS, and SOC 2 related controls. Prowler operates primarily as a CLI-driven engine that queries cloud provider APIs across AWS, Azure, Google Cloud, and Kubernetes. It evaluates resources against defined security checks, produces machine-readable and audit-ready reports, and includes an attack path visualization feature that leverages Neo4j for AWS environments. Distributed under the Apache License 2.0, Prowler maintains public contribution guidelines and active repository governance. As of 2026, it remains an actively maintained open source cloud security assessment platform. How are you operationalizing automated cloud configuration validation in your environment today? #HumansOfCyber #OpenSource #CloudSecurity #CSPM #AWS #Azure #GCP #Kubernetes #DevSecOps #Compliance #SecurityEngineering
911Cyber@911Cyber_·
🧠 Humans of Cyber | Nicholas C. Zakas Modern application security increasingly depends on identifying risky patterns during development rather than after deployment. That workflow is supported by ESLint, an open source static analysis engine widely used in JavaScript and TypeScript ecosystems. ESLint was created in 2013 by Nicholas C. Zakas to provide a configurable linting framework capable of enforcing both stylistic conventions and logical code quality rules. Its rule-based architecture enabled teams to define custom checks, including patterns relevant to maintainability and security. In 2016, ESLint joined the jQuery Foundation. The project later transitioned through the JS Foundation and became part of the OpenJS Foundation in 2019 following the merger of the JS Foundation and the Node.js Foundation. This governance evolution positioned ESLint within a broader community-driven ecosystem supporting long-term sustainability. While ESLint historically enforced stylistic constraints, by 2026 many projects rely on dedicated formatting tools for whitespace and stylistic normalization. ESLint remains central for enforcing logical correctness, detecting problematic patterns, and supporting rule-based analysis through an extensible plugin model. It continues to be actively maintained and widely integrated into development environments and CI pipelines. Nicholas Zakas remains publicly identifiable as the creator of ESLint and associated with its early architectural direction. Open question In secure development workflows, does governance stability influence your trust in open source tooling. #HumansOfCyber #OpenSource #ESLint #AppSec #SecureDevelopment #OpenJS
911Cyber@911Cyber_·
🧠 Humans of Cyber | Michael DeHaan Ansible is an open source automation platform created in 2012 by Michael DeHaan to make configuration management and infrastructure automation simpler and more accessible. Instead of relying on complex agent-based models, it was built around a clear idea: automation should be readable, predictable, and easy to operate at scale. Michael DeHaan led the early development of Ansible before the project was acquired by Red Hat in 2015. From the beginning, the focus was on reducing operational overhead while maintaining strong technical discipline. Ansible introduced a push-based architecture that communicates over SSH, removing the need to install agents on managed systems. At a technical level, the tool uses YAML-based playbooks to define the desired state of infrastructure. Tasks are executed through modular components, and its idempotent design ensures that repeated runs move systems toward the intended configuration without creating unintended changes. This model made it practical for teams managing cloud, hybrid, and on-prem environments. Today, Ansible is widely used for provisioning, patch management, compliance validation, and application deployment across Linux, Windows, network devices, and major cloud platforms. It integrates into CI CD pipelines and platform engineering workflows as a core automation layer. The core engine is licensed under the GNU General Public License version 3. The Ansible community package is coordinated by the Ansible Community Team, with releases assembled through public repositories and automated using GitHub Actions workflows. Ansible Core continues to be maintained under Red Hat stewardship with active community contribution. As of 2026, it remains an actively maintained open source automation platform. How is your team balancing infrastructure automation simplicity with scalability across hybrid environments? 
#HumansOfCyber #OpenSource #Ansible #DevOps #InfrastructureAsCode #Automation #CloudSecurity #Linux #PlatformEngineering
911Cyber@911Cyber_·
🧠 Humans of Cyber | Bill Burke Modern application environments require a centralized, standards-based approach to authentication and authorization that operates consistently across services, APIs, and distributed systems. This requirement is addressed by Keycloak, an open source identity and access management platform that provides single sign-on, token issuance, and fine-grained access control. Originally created at Red Hat, with Bill Burke playing a foundational role in its early architecture, Keycloak was designed around widely adopted identity standards including OAuth 2.0, OpenID Connect, and SAML 2.0, enabling interoperable identity enforcement across heterogeneous environments. Beginning with version 17 and fully completed in version 18, Keycloak transitioned from the WildFly application server to a Quarkus-based runtime. This migration reduced memory consumption, improved startup performance, and enhanced suitability for containerized and cloud-native deployments. In 2023, Keycloak became an incubating project within the Cloud Native Computing Foundation. This marked its transition from primarily Red Hat-led stewardship to broader community governance under CNCF, while Red Hat remains a major contributor. As part of its modernization roadmap, the project explored a Map Storage model intended to replace the traditional JPA-based persistence layer. That initiative was discontinued. Instead, development focused on optimizing the existing JPA store and introducing improvements such as persistent user sessions to enhance scalability, clustering behavior, and operational reliability in distributed deployments. Keycloak supports both identity federation and identity brokering. Federation enables integration with external user directories such as LDAP and Active Directory, while brokering allows authentication through external identity providers using standards such as OpenID Connect and SAML. 
Supporting both models enables organizations to modernize authentication flows while maintaining compatibility with established identity infrastructures. As of 2026, Keycloak remains open source, actively maintained, and widely adopted across enterprise and cloud-native environments. Open question When scaling identity systems, what creates greater operational strain over time. Session management or external trust relationships. #HumansOfCyber #OpenSource #Keycloak #IAM #CloudSecurity #CNCF
911Cyber@911Cyber_·
🧠 Humans of Cyber | Isaac Evans, Luke O'Malley, and Drew Dennison Static analysis only becomes useful when developers can understand the rules that are flagging their code. That philosophy shaped Semgrep, a security-focused code analysis engine built to make rule writing readable, flexible, and developer-friendly. Semgrep was co-founded by Isaac Evans, Luke O'Malley, and Drew Dennison. The company originally launched as r2c, with the goal of building a static analysis system where rules could be written in a clear, YAML-based format that developers could understand and modify. The core Semgrep engine remains open source under the LGPL-2.1 license. It allows teams to create custom rules that match insecure code patterns across multiple programming languages and integrate those checks directly into development workflows. As the platform evolved, more advanced capabilities such as cross-file interprocedural analysis and deeper taint tracking were introduced in the proprietary Semgrep Pro Engine and AppSec platform. This commercial layer supports enterprise-scale use cases while the open source engine continues to operate independently. In response to these shifts, a community fork known as Opengrep emerged to preserve a fully open implementation of advanced static analysis features. As of 2026, Semgrep OSS remains actively maintained, widely adopted, and central to many secure development programs. The founders continue to be publicly identifiable and associated with its evolution. Open question When static analysis tools evolve commercially, what matters more to you. Advanced capability or long-term openness. #HumansOfCyber #OpenSource #AppSec #Semgrep #SecureCoding #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber | Solomon Hykes Containerization changed how applications are built and deployed, but it also reshaped how security teams think about isolation and runtime protection. One project that made containers practical at scale is Docker. Docker was created by Solomon Hykes in 2013 as an open source platform to standardize how applications are packaged and run. By using lightweight containers instead of full virtual machines, Docker made it easier to move workloads consistently between development, testing, and production environments. The design focused on portability and repeatability. Applications could be bundled with their dependencies, reducing configuration drift and making deployments more predictable. This approach quickly influenced infrastructure automation, cloud computing, and DevOps workflows. Docker remains widely used in 2026 across development environments, CI pipelines, and production systems. While the ecosystem has evolved and new container runtimes have emerged, Docker’s role in popularizing containers fundamentally changed modern infrastructure design. Solomon Hykes remains publicly identifiable and active in the technology community, and his early work on Docker continues to shape how organizations build and secure applications today. Open question When adopting container technology, what created the biggest security shift in your environment. Image management, runtime controls, or supply chain visibility. #HumansOfCyber #OpenSource #AppSec #Semgrep #SecureCoding #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber | Adam Pennington Most security programs depend on a shared understanding of adversary behavior, even when they do not realize it. That shared language is heavily influenced by ATT&CK, the publicly available knowledge base of adversary tactics and techniques used across industries. One of the most visible leaders behind its development and evangelism is Adam Pennington, who has served as a key figure within the MITRE team responsible for advancing ATT&CK. His work has focused on helping organizations translate adversary behavior into practical defensive strategy. ATT&CK organizes real-world attack techniques into structured categories that map how attackers gain access, move laterally, escalate privileges, and exfiltrate data. Rather than listing vulnerabilities, it models behavior. This shift allows defenders to evaluate coverage gaps, tune detection capabilities, and measure defensive maturity against realistic adversary techniques. Over time, ATT&CK has become a global reference point across enterprise security, government defense programs, vendor tooling, and security training. It remains publicly accessible and actively maintained as of 2026. Adam continues to engage publicly on LinkedIn around adversary emulation, defensive mapping, and operationalizing ATT&CK in real environments. Open question When measuring security maturity, do you focus more on tool deployment or on technique coverage. #HumansOfCyber #MITRE #ATTACK #ThreatIntelligence #BlueTeam #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber | Igor Sysoev Performance problems often reveal themselves before security incidents do. When systems struggle under load, everything else becomes harder to protect. That reality sits quietly behind NGINX, one of the most widely used web servers and reverse proxies on the internet. NGINX was created by Igor Sysoev, who originally developed it in the early 2000s to solve the C10k problem. At the time, existing web servers handled large numbers of concurrent connections inefficiently, leading to performance bottlenecks that were difficult to predict or control. Igor designed NGINX around an event driven, asynchronous architecture that could handle thousands of simultaneous connections with minimal resource usage. This approach made it well suited not only for serving web traffic, but also for acting as a reverse proxy, load balancer, and gateway in front of complex systems. Over time, NGINX became a foundational layer in modern infrastructure. It is used to terminate TLS connections, route traffic between services, and absorb traffic spikes before they impact application logic. These capabilities made it relevant not just for performance, but also for resilience and security. NGINX remains actively developed and widely deployed in 2026, powering everything from small personal sites to large scale cloud platforms. Igor continues to be publicly associated with the project’s origins and architectural philosophy, which emphasized simplicity, efficiency, and predictability. Open question When designing internet facing systems, what do you prioritize first. Performance under load or control over how traffic is handled. #HumansOfCyber #OpenSource #NGINX #WebInfrastructure #InternetSecurity #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber Some of the most important security controls are built into systems long before an attack ever happens. One example is ClamAV, an open source antivirus engine widely used to detect malware across servers, email gateways, and file storage systems. ClamAV was originally developed by Tomasz Kojm in the early 2000s with a clear objective to provide a free and reliable malware detection engine that could be embedded into mail servers and Linux environments where commercial antivirus solutions were not always practical. While the project began with a focus on signature-based detection, it later expanded to include heuristic analysis and bytecode signatures to address more sophisticated threats. A key part of its design is the freshclam utility, which keeps the malware signature database up to date. This makes ClamAV particularly effective for scanning email attachments and preventing malicious files from spreading through messaging infrastructure. Although commonly associated with Linux deployments, ClamAV also supports Windows and macOS environments, making it adaptable across different operating systems. In 2007, ClamAV was acquired by Sourcefire, and it became part of Cisco after Cisco acquired Sourcefire in 2013. Since then, the project has continued to be maintained as an open source engine by Cisco’s Talos Intelligence Group and continues to receive signature updates and core engine maintenance. Today, ClamAV is widely deployed in mail gateways, Linux servers, and cloud environments where automated file scanning is a foundational security requirement. Its continued use reflects the importance of transparent, integrable malware detection working alongside modern behavioral and endpoint security controls. Open question Where does file scanning deliver the most measurable security value in your environment. At the gateway, on endpoints, or inside storage systems. #HumansOfCyber #OpenSource #ClamAV #MalwareDetection #EmailSecurity #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber Some security controls become so routine that people forget how critical they are until they fail. One of those controls is sudo, the command that governs how administrative access is granted on Unix and Linux systems around the world. sudo allows trusted users to execute specific commands with elevated privileges while keeping detailed records of who ran what and when. Instead of sharing the root password, organizations can enforce least privilege and maintain accountability, even on multi-user systems. For more than two decades, sudo has been maintained by Todd C. Miller, who took over stewardship of the project in the early 2000s. Under his maintenance, sudo evolved from a simple privilege escalation tool into a carefully audited security component with strong defaults, logging, and policy enforcement. Todd’s work focused on reducing risk in one of the most sensitive parts of any operating system. Small design decisions in sudo can have system-wide impact, which is why changes are deliberate, conservative, and heavily reviewed. This approach has helped sudo remain trusted across enterprises, cloud platforms, and critical infrastructure. As of 2026, sudo remains a reminder that access control does not have to be complex to be effective, but it does have to be correct. Open question Which access control decision do you think is most often taken for granted on production systems. #HumansOfCyber #OpenSource #LinuxSecurity #AccessControl #sudo #CyberCommunity
911Cyber@911Cyber_·
🚨 Cybercriminals are exploiting a WinRAR vulnerability and it’s a bigger deal than it sounds. A tool most of us trust for everyday file handling can become an attack entry point if left unpatched. A single malicious archive could lead to code execution or system compromise. That is how quietly real-world attacks begin. We discussed this risk in an episode of Ask Me Anything Cyber with co-hosts Sophia C.V and Prapti Pal, focusing on why routine tools are often the weakest link and why updates matter more than ever. Stay alert. Patch regularly. Never assume “common software” is safe by default. 🔐 #CyberSecurity #WinRAR #Vulnerability #CyberAwareness #Infosec #SecureYourSystems #AskMeAnythingCyber
911Cyber@911Cyber_·
🧠 Humans of Cyber Some security tools endure not because they automate everything, but because they help people understand how vulnerabilities actually appear in real applications. That approach defines ZAP, an open source web application security testing tool widely used for identifying common vulnerabilities during development and testing. ZAP has long been led by Simon Bennetts, who has guided the project’s technical direction and community for many years. His focus has consistently been on making application security testing practical, educational, and accessible without oversimplifying the underlying risks. The tool allows users to intercept and analyze web traffic, combine automated scanning with manual testing, and integrate security testing into development workflows. This made ZAP useful not only for professional security teams, but also for developers and students learning how web vulnerabilities behave in practice. The project’s governance has evolved over time. In 2023, ZAP formally left the OWASP Foundation as the core team looked for a more sustainable way to support full-time development. In 2024, the project joined forces with Checkmarx, which now provides commercial backing while the tool itself continues to be developed openly. As of 2026, ZAP is commonly referred to as ZAP or ZAP by Checkmarx. It remains actively maintained and widely used, reflecting a broader trend where critical open tools seek long-term sustainability beyond volunteer-only models. Open question When open source security tools change governance, what matters more to you. Independence or long-term sustainability. #HumansOfCyber #AppSec #ZAP #OpenSourceSecurity #ApplicationSecurity #CyberCommunity
911Cyber@911Cyber_·
🧠 Humans of Cyber Some of the most effective security controls are the ones that stay simple, predictable, and visible. That philosophy is embedded in pf, the firewall and packet filtering system developed as part of the OpenBSD operating system and widely respected for its clarity and reliability. pf was developed within the OpenBSD project, with Henning Brauer playing a central role in its design and long-term maintenance. The goal was to build a firewall that administrators could understand, audit, and reason about under pressure. pf introduced a configuration model that reads almost like plain language. Rules are explicit, state handling is clear, and behavior is predictable. This made it easier for operators to verify what traffic is allowed, what is blocked, and why. Over time, these qualities made pf influential beyond OpenBSD, shaping how firewall rules are written and reviewed. The project has consistently emphasized correctness over convenience. Features are added cautiously, unsafe behavior is avoided, and defaults are chosen to reduce risk rather than surprise. This approach reflects the broader OpenBSD philosophy of proactive security and defensive design. As of 2026, pf remains actively maintained and widely used in OpenBSD systems, network appliances, and environments where administrators value transparency and control. Its continued relevance shows that security does not always require complexity, but it does require discipline. Open question When managing firewall rules, what matters more to you. Expressiveness or the ability to fully understand every rule that is enforced. #HumansOfCyber #OpenSource #Firewall #OpenBSD #NetworkSecurity #CyberCommunity