Skip to Main Content
All Trimarc services are now delivered through TrustedSec! Learn more

Mitigate attacks, contain movement, and regain operations

Respond to threats to your security program with the help of our security experts.

Threat and incident response services

Discover services to respond to threats to your security program.

Loading...

Security expertise meets security passion

Meet the talented, security-obsessed team invested in achieving your goals.

“Having access to industry leaders right here at TrustedSec makes solving our clients' challenges easier.”
Paul SemsManaging Director of Remediation Services
“For me it’s more of a life choice and a passion than anything else. I don’t consider it work at all. I get to work with some of the best, most talented hackers in the world, literally.”
Jason LangPractice Lead, Targeted Operations
“Leveraging the collective intelligence of TrustedSec is like a cheat-code I get to use every day.”
Costa PetrosSenior Security Consultant
Blog

The First Steps on Your Zero Trust Journey

Find out how the NIST 800-207 framework is a starting point that demystifies Zero Trust.

Practical cybersecurity thought-leadership

Discover our experts’ innovative blogs, webinars, podcasts.

Webinars July 23 2025

Measuring Effectiveness for Business Resilience

Testing and assessing security effectiveness is a core component of business resilience. Learn why this type of testing can help ensure you're protecting your…

Read about this article
Blog July 10 2025

Azure's Front Door WAF WTF: IP Restriction Bypass

The Azure Front Door Web Application Firewall (WAF) has an "IP restriction" option that can be bypassed with the inclusion of an HTTP header. What's worse?…

Read about this article
Blog July 08 2025

CVE-2025-1729 - Privilege Escalation Using TPQMAssistant.exe

While digging into the internals of my new Lenovo ThinkPad P1 Gen7, I came across an unexpected discovery that quickly escalated from curiosity to a viable…

Read about this article
Podcasts July 02 2025

Security Noise - Episode 7.19

Hacker Culture: The Self Modifying Code

Read about this article
Blog July 01 2025

Abusing Chrome Remote Desktop on Red Team Operations: A Practical Guide

In this post, we’ll be exploring a practical technique for abusing Chrome Remote Desktop (also known as Google Remote Desktop) within a Red Team operation. I…

Read about this article
Webinars June 25 2025

Dialing Into Deception: A Social Engineer's Playbook for Voice-Based Attacks

Join Targeted Operations Practice Lead Jason Lang and Senior Security Consultant David Boyd as they walk through different aspects of social engineering and…

Read about this article
Blog June 24 2025

NIST CSF 2.0 Ratings and Assessment Methodologies for Scorecards – When the Math isn’t “Mathing”

As a Senior Security Consultant and National Institute of Standards and Technology (NIST) expert, the question I get asked the most is, how do we compare…

Read about this article
Blog June 17 2025

Attacking JWT using X509 Certificates

Take a closer look at JWT signature verification using X.509 headers as we walk through an attack and demonstrate a Burp extension to exploit a known…

Read about this article
Podcasts June 16 2025

Security Noise - Episode 7.18

This week on Security Noise, we are hacking with AI! Listen as we discuss how AI can accelerate workflows, the pros and cons of using automation in penetration…

Read about this article
Blog June 13 2025

Dragging Secrets Out of Chrome: NTLM Hash Leaks via File URLs

Figure 1 - We take our work very seriously. Capturing Hashes with DragonHashChromium-based browsers have an odd feature set that allows extensive drag-and-drop…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.