EXPERIENCE
Charles Yost started his career in a printer repair shop. From there, things quickly escalated to working in VoIP and then working as a developer in the radio industry. A broad background of more than 20 years in IT and software development enables him to break down problems into manageable pieces, which then leads to aligning them to appropriate solutions.
EDUCATION & CERTIFICATIONS
- Microsoft Certified Professional (MCPS)
- Microsoft Specialist in HTML5 with JavaScript and CSS3
PROFESSIONAL AFFILIATIONS
- Member of Northeast Ohio Information Security Forum (NEOISF)
PROFESSIONAL AFFILIATIONS
- Security conference speaker at DerbyCon and BSides Cleveland\
- Development conference speaker at CodeMash
- User group speaker at NEOSIF and CLEPy
PASSION FOR SECURITY
Charles has been passionate about computers since he was nine (9) and was gifted a secondhand IBM XT. Throughout high school, he assisted with IT support, giving him insight into how security can play an important role in an organization. This sparked a curiosity of why security was so often relegated to an afterthought and who else had noticed. Having an affinity for technology allowed him to explore these questions. While exploring, a whole new world appeared. Here was a passion shared by the many denizens of the nascent Internet. As his years in the computer industry expanded his experience, the passion to understand the ‘why’ continued to grow. This culminated in him landing a position as a software developer at a security company, where he spent six (6) years building the development department before moving on to working at TrustedSec.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
What You Need to Know About SBOM
What is an SBOM? A Software Bill of Materials (SBOM) is a hierarchical, itemized list of all dependencies, their version numbers and provenance for a given…
Working with data in JSON format
What is JSON? What is JSON? JSON is an acronym for JavaScript Object Notation. For years it has been in use as a common serialization format for APIs across…
BEC Basics: Your First Step to Thwarting Email Scams
Attackers never stop evolving their business email compromise (BEC) tactics, leveraging phishing, credential harvesting, and email spoofing to infiltrate…
Actionable Purple Team Simulation Online Training (November 7-8)
Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…
Ask Me Anything: Advanced Cloud Pen Testing Scenarios
Cloud Penetration Tests are a critical component of cloud security, but integrating other testing methods can take the assessment to the next level. Adding…
Offensively Groovy
On a recent red team engagement, I was able to compromise the Jenkins admin user via retrieving the necessary components and decrypting credentials.xml. From…
Security Noise - Episode 7.4
Who's On My Network?
Spec-tac-ula Deserialization: Deploying Specula with .NET
Earlier this year, I gave a talk at Steelcon on .NET deserialization and how it can be used for Red Team ops. That talk focused on the theory of .NET…
Calculating Business Impact
In today’s digital landscape, gaining a deep understanding of how cybersecurity threats can affect business-critical systems is crucial for maintaining…
Let’s Clone a Cloner - Part 2: You Have No Power Here
Previously on Let's Clone a Cloner, I needed a long-range RFID badge cloner. There are many walkthroughs out there on how to build a cloner that are fantastic,…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
