Mitigate attacks, contain movement, and regain operations
Respond to threats to your security program with the help of our security experts.
Respond to breaches or security concerns in real time
Contain, eradicate, and recover from attacks with minimal downtime to get back up and running.
Contain malicious attacks
Identify how attackers entered the environment and revoke access.
Spot stealthy adversaries
Proactively search for signs of malicious activity that evade existing detection devices.
Build a response plan
Playbooks provide step-by-step instructions for responding to specific attacks.
Prevent future breaches
Exercises help organizations practice how to respond to real-world scenarios.
Threat and incident response services
Discover services to respond to threats to your security program.
Incident Response and Computer Forensics
Our team provides Incident Response and Forensic Analysis services helping clients recover from Information Security events caused by a malicious insiders,…
Business Email Compromise in Microsoft 365
Email drives modern business communication, but the rising threat of business email compromise (BEC) by cybercriminals jeopardizes data security and integrity.
Playbook Development
Incident Response Playbooks allow analysts to respond to an incident consistently, ensures that correct procedures are followed, and provides an organization…
Threat Hunting
The largest threat organizations face today is the inability to detect various types of attackers as a compromise occurs.
Tabletop Exercises
Information Security breaches continue to afflict companies of all sizes and the need to be prepared for a potential cybersecurity incident is more important…
Loading...
Security expertise meets security passion
Meet the talented, security-obsessed team invested in achieving your goals.
“TrustedSec allows me to help make an impact on our clients and help those in need.”Tyler HudakPractice Lead, Incident Response
Tyler Hudak
Practice Lead, Incident ResponseTyler has over 20 years of real-world experience in incident handling, malware analysis, computer forensics, and information security for multiple organizations. He has spoken and taught at a number of security conferences about topics ranging from incident response to penetration testing techniques.
“For me it’s more of a life choice and a passion than anything else. I don’t consider it work at all. I get to work with some of the best, most talented hackers in the world, literally.”Jason LangPractice Lead, Targeted Operations
Jason Lang
Practice Lead, Targeted OperationsWith over 15 years of industry experience, Jason Lang has worked in both offensive and defensive roles. Before switching to red teaming, he spent 8 years working as a technical Security Architect for a Fortune 500 company, specializing in Active Directory and .Net/database development. After several years of penetration testing and red teaming, he now manages the Targeted Operations practice at TrustedSec.
“Having access to industry leaders right here at TrustedSec makes solving our clients' challenges easier.”Paul SemsManaging Director of Remediation Services
Paul Sems
Managing Director of Remediation ServicesPaul and his team work with clients to harden their environments against attacks and help them recover after security incidents.
The First Steps on Your Zero Trust Journey
Find out how the NIST 800-207 framework is a starting point that demystifies Zero Trust.
Practical cybersecurity thought-leadership
Discover our experts’ innovative blogs, webinars, podcasts.
The Lost Underground
Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…
Security Noise - Episode 7.7
Amazing Stories in InfoSec
On-Demand BOF
From the team that brought you COFF Loader, CS-Situational-Awareness-BOF, CS-Remote-OPs-BOF, and numerous blogs on BOFs, we are excited to release our first…
BEC Basics: Your First Step to Thwarting Email Scams
Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…
Discovering a Deserialization Vulnerability in LINQPad
Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…
A 5-Minute Guide to HTTP Response Codes
If you've done any network scanning or application testing, you've run into your fair share of HTTP response codes. If not, these codes will show up in most…
Navigating Compliance: FCI and CUI Requirements for Federal Contractors
TrustedSec Advisory Compliance Services Practice Lead Chris Camejo provides a comprehensive overview of the definition, scope, and protection requirements for…
Security Noise - Episode 7.6
Ghost in The Machine: Hardware Hacking w/ Rob Simon
Attacking JWT with Self-Signed Claims
JSON Web Tokens (JWTs) are a widely used format for applications and APIs to pass authorization information. These tokens often use a JSON Web Signature (JWS)…
EKUwu: Not just another AD CS ESC
Update November 12, 2024 - This vulnerability has been patched. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49019This post was originally…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
