Experience
Prior to joining the TrustedSec Incident Response Team, Caroline gained experience at an open-XDR vendor as a Security Operations Center Analyst, where she then moved into the role of a Threat Hunter and Incident Response Analyst. Her research interests have been focused on cloud security, specifically in AWS environments. Caroline also has the unique experiences of briefly working within law enforcement and the banking industry.
Education & Certifications:
- Bachelor of Science, Cybersecurity, The University of Tampa
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- AWS Certified Cloud Practitioner
Passion for Security
Caroline’s interest in cybersecurity spawned from constantly wanting to get to the bottom of whatever mystery presented itself to her. Tracking down an attacker’s actions and learning how to proactively look for those actions in the future perfectly satiates her curious nature.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Hiding in the Shadows: Covert Tunnels via QEMU Virtualization
Attackers are getting increasingly creative—not just with their payloads, but with how they deliver and operate them. In a recent Incident Response engagement,…
A Threat Hunter’s Guide to Decoding the Cloud
This blog will guide you through how to be a successful threat hunter in cloud environments, along with some helpful tips and advice.
BEC Basics: Your First Step to Thwarting Email Scams
Learn to identify and combat business email compromise (BEC) threats in Microsoft 365 with expert Steven Erwin and Caroline Fenstermacher.
Tips for Incident Response Planning: Prepare Before Crisis Strikes
During our next webinar, our Incident Response experts will cover what organizations should do to prepare so they can respond quickly and be on the way to…
Inside the Modern Red Team: How Attackers Think, and What Defenders Miss
Discover how modern Red Teams think like attackers, what defenders often miss, and how to strengthen your cybersecurity posture.
Limiting Domain Controller Attack Surface: Why Less Services, Less Software, Less Agents = Less Exposure
Before we dive in, let’s get all the TrustedSec Certified Absolutes out of the way:All software presents some level of inherent risk.Only required software…
News 5 Cleveland - Elyria Police responded to a reported restaurant robbery. But it was actually an AI prank.
AI quality is evolving rapidly, making it easier than ever to create convincing fakes from a phone. Advisory Solutions Director Alex Hamerstone spoke with News…
Top 10 Blogs of 2025
Everyone has a year-end list, and this is ours. See what our top-performing cybersecurity blogs were in 2025, there could be some you might have missed!
News 5 Cleveland - Holiday Warning: Keeping your loved ones safe from scams
As the holidays approach, the most effective defense against fraud is an informed family. Advisory Solutions Director Alex Hamerstone spoke with News 5…
Security Advisory: React2Shell (CVE-2025-55182) - Critical RCE Vulnerability
A critical vulnerability affecting React Server Components (RSC) is being actively exploited. Here's what to look for and what to do next.
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
