Experts in Cyber Security
Why Security Illusion?
After working in Cyber Security for well over a decade, the founder and lead tester at Security Illusion (Phillip Bosco), wanted to approach cyber security differently. Through highly-customizable & personalized assessments, Security Illusion stands out from the rest by focusing heavily on the quality of our assessments and relationships over sheer quantity.
Security Illusion firmly believes in cultivating an environment where knowledge and education thrive in order to better empower and equip our clients in tackling future threats more effectively on their own. We provide our clients with specialized report deliverables, follow-ups, and validation testing to ensure that any security issues found can be quickly and intelligently remediated.
When you become a client with Security Illusion, you aren't just our client for the duration of the assessment -- we have your back and will support you through all of your remediation efforts and challenges you might face along the way.
Mr. Bosco's Experience
Phillip Bosco has been working in the information security industry for over a decade through his service as a Cyber Marine in the United States Marine Corps, his work for various three-letter government agencies, and his time working alongside some of the top cyber security consulting companies in the world.
With this experience, Phillip has conducted 1,000s of penetration tests across government and Fortune 500/100/50 clients, resulting in real-world & practical experience seldom found elsewhere.
Education & Certifications
Through Phillip's passion for furthering his own skill development, he has achieved the following industry certifications and education:
Master of Science in Information Security Engineering (MSISE)
Successfully completed all credit hours in record time (According to SANS), finishing all requirements within two years.
American Military University
B.S. Information Technology Management, Concentration on Information Systems Security, Graduated Summa Cum Laude - 4.0 GPA
- OSCP - Offensive Security Certified Professional
- OSCE – Offensive Security Certified Expert
- OSWP - Offensive Security Wireless Professional
- CISSP - Certified Information Systems Security Professional
- GSEC Gold - GIAC Security Essentials Certification
- GCIA Gold - GIAC Certified Intrusion Analyst
- GCCC Gold – GIAC Critical Security Controls Certification
- GSE - GIAC Security Expert
- GXPN – GIAC Exploit Researcher and Advanced Penetration Tester
- GPYC - GIAC Python Coder
- GPEN - GIAC Penetration Tester
- GWAPT - GIAC Web Application Penetration Testing
- GCED - GIAC Certified Enterprise Defender
- GCIH - GIAC Certified Incident Handler
- Achieved NetWars (Level 5), 1st place CTF
- CCNA - Cisco Certified Network Associate
- (DoD Equivalency)
- CEH - EC-Council Certified Ethical Hacker
- ECSA - EC-Council Certified Security Analyst
- CNDA - EC-Council Certified Network Defense Architect
- CompTIA A+
- CompTIA Security+
- CompTIA Network+
Information Security Research
Philip is constantly active with his information security research and is commonly recognized for the following research:
- Creator of the Boscloner (www.boscloner.com)
- The Open-Source, All-in-One RFID Cloning Solution
- Presenter at Defcon 24
- Home Security System(s) Bypass
- Discovered critical vulnerabilities across security systems from Xfinity Comcast, AT&T Digital Life, and ADT
- The discovered vulnerabilities allowed for:
- Accessing a user's facility without detection while the system remained in the ARMED Away state (all sensors, including motion detectors enabled)
- Remotely disarming the user's security system entirely
- Remotely viewing the user's internal security cameras from an internet accessible link without credentials
- The vendor's hubs installed on a user's network served as backdoors into the user's internal network due to their critically weak SSID passwords, default credentials, and more.
- Featured in
- Wired Magazine, Washington Times, NetworkWorld, ArsTechnica, ZDNet, CSO Online, InfoSecurity Magazine, The Verge, and more.
- Presenter at
- SANS Baltimore Conference
- Social Engineering War Stories
- SANS Webcast
- "Real-World Phishing and Exploitation"