EXPERIENCE
Edwin David is a Security Consultant with TrustedSec’s Cloud Force team. He has over 20 years’ experience in Information Technology. Prior to joining TrustedSec, Edwin worked in the financial services sector as a System Administrator. He enjoys working on complex problems, and his specializations are Active Directory, Group Policy, and Azure/M365 security.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, Management Information Systems, Indiana State University
- Microsoft Certified IT Professional (MCITP) Enterprise Administrator
- Azure Fundamentals
- M365 Security Administrator
- Azure Security Engineer Associate
- Security Operations Analyst Associate
PROFESSIONAL AFFILIATIONS
Indiana InfraGard Member
PASSION FOR SECURITY
Edwin’s passion for security developed while working in his previous role at a financial institution. His main focus was on Active Directory design/security engineering and OS Client/Server system hardening. In 2015, his focus shifted towards cloud security. As companies started developing plans for hybrid cloud adoption, he saw an immediate and fundamental need to understand secure cloud adoption methodologies. Edwin also enjoys working with offensive security toolsets to understand the full attack cycle on weaknesses and misconfigurations in different systems.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Hacking Your Cloud: Tokens Edition 2.0
Office and Microsoft 365 tokens can add some interesting dynamics to Azure and Microsoft 365 services penetration testing. There are a few different ways of…
Top 5 Things That Will Land an Attacker in the Azure Cloud
- Misconfigured Cloud Infrastructure What type of misconfigurations can exist in a cloud infrastructure? Vulnerable front-facing webservers, unpatched…
Azure AD Kerberos Tickets: Pivoting to the Cloud
If you've ever been doing an Internal Penetration test where you've reached Domain Admin status and you have a cloud presence, your entire Azure cloud can…
Common Conditional Access Misconfigurations and Bypasses in Azure
Conditional Access is widely used in Azure to prevent unauthorized access. When it works, it can shut down attacks, even if the user's password is known.…
Defending the Gates of Microsoft Azure With MFA
Since Russia’s invasion of Ukraine, companies based in the United States have been on alert for potential cyberattacks on IT infrastructure. Multi-Factor…
Penetration Testing Your Cloud Environment
Join Cloud Practice Lead Paul Burkeland and Cloud Security Consultants Edwin David and Patrick Mayo as they review the ins and outs of examining the security…
Insecure by Default: The Hidden Complexities of Cloud Security
Join experts from our Cloud Security and Hardening teams to gain practical insights for how to enhance your own cloud security posture.
The Lost Underground
Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…
BEC Basics: Your First Step to Thwarting Email Scams
Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…
Discovering a Deserialization Vulnerability in LINQPad
Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
