YoKo has spent more than 11 years (from total of more than 14 years) in information security field, focused in risk from security testing point of view. He has served in technical roles as technical lead security consultant for many security testing projects in financial industries, healthcare, distribution, logistic, manufacture, mining, and pharmacy.
In addition, he has also conducted several researches with his colleagues to find security vulnerabilities inside web, mobile and desktop applications. Adobe, Apple, Avast, Blackberry, FireEye, FortiNet, Lenovo, McAfee, PayPal, Samsung, and TrendMicro are some lists from his researches that has been acknowledged and some of them can be seen on his personal blog at http://firstsight.me or https://medium.com/@YoKoKho
With the permission of Allah, in October 2019 (with Faisal Yudo), he managed to create an ebook that readers can use to study the topic of Web Application Security Testing (from a bug hunting point of view). Equipped with very basic explanations, this ebook also covers various techniques (recon and attack) with real cases from around the world. https://leanpub.com/bughunting101 (Available for free).
He has also been recognized as one of Bugcrowd’s MVP Researcher – one of the world’s leading bug bounty platforms – Period: 2018, (Q3 & Q4) 2019, (Q1, Q3, & Q4) 2020, and (Q1, Q2, Q3, Q4) 2021.
And as of 11th Jul, 2021, Bi’idznillah YoKo reach top 40 (rank #37) at Bugcrowd – https://bugcrowd.com/YoKoKho.
Reach YoKo at: Twitter | Linkedin | Email: yk[at]firstsight.me
Professional Certifications:
• eWPTX v2 (eLearnSecurity Web Application Penetration Tester Extreme)
• OSCP – PWKv3 (Offensive Security Certified Professional)
• ISE (Apple iOS Application Security Expert – PentesterAcademy)
• CEI v2 (Certified EC-Council Instructor)
• CEH v10 Master (Certified Ethical Hacker)
• ECSA v9 (EC-Council Certified Security Analyst)
• CND v1 (Certified Network Defender) – pre-selected CEI (CEI Initiative)
• NSE 1 Network Security Associate
• NSE 2 Network Security Associate
• LPT Master (EC-Council Licensed Penetration Tester)
• LCSPC (Certiprof Lead Cybersecurity Professional)
• CSFPC (Certiprof Cybersecurity Foundation Professional)
Additional Notes:
Since there are few social media accounts that showing up as “YoKo Kho” or “YoKo Acc”, then here is the clarification about the list of social media accounts that I have. Please kindly note, I have no other social media accounts except:
• Twitter: @YoKoAcc (public) / @yokokho (private)
• Medium: @YoKoKho
• Youtube: /channel/UCRd846B8EyUROUSeA9da_xg
• Facebook: /yoko.kho (inactive – restricted from public)
• Google Plus: /+YoKoKho (inactive)
• Instagram: @yoko.kho (inactive)
• YourAcclaim: /user/yoko
