EXPERIENCE
Edwin David is a Security Consultant with TrustedSec’s Cloud Force team. He has over 20 years’ experience in Information Technology. Prior to joining TrustedSec, Edwin worked in the financial services sector as a System Administrator. He enjoys working on complex problems, and his specializations are Active Directory, Group Policy, and Azure/M365 security.
EDUCATION & CERTIFICATIONS
- Bachelor of Science, Management Information Systems, Indiana State University
- Microsoft Certified IT Professional (MCITP) Enterprise Administrator
- Azure Fundamentals
- M365 Security Administrator
- Azure Security Engineer Associate
- Security Operations Analyst Associate
PROFESSIONAL AFFILIATIONS
Indiana InfraGard Member
PASSION FOR SECURITY
Edwin’s passion for security developed while working in his previous role at a financial institution. His main focus was on Active Directory design/security engineering and OS Client/Server system hardening. In 2015, his focus shifted towards cloud security. As companies started developing plans for hybrid cloud adoption, he saw an immediate and fundamental need to understand secure cloud adoption methodologies. Edwin also enjoys working with offensive security toolsets to understand the full attack cycle on weaknesses and misconfigurations in different systems.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Hacking Your Cloud: Tokens Edition 2.0
Access compromised Azure credentials to bypass MFA, gain OWA access, and conduct cloud penetration testing using stolen refresh tokens and Burp Suite Pro.
Top 5 Things That Will Land an Attacker in the Azure Cloud
Unprotected cloud environments can pose significant threats to your company reputation, data, and applications, requiring robust security measures and regular…
Azure AD Kerberos Tickets: Pivoting to the Cloud
Compromising an Azure cloud presence via machine account SSO is possible, allowing attackers to impersonate any account without MFA, using compromised service…
Common Conditional Access Misconfigurations and Bypasses in Azure
Conditional Access configurations in Azure prevent unauthorized access, but common misconfigurations and bypasses can occur, leading to security risks,…
Defending the Gates of Microsoft Azure With MFA
As a cloud penetration tester, I share my expertise on bypassing Multi-Factor Authentication (MFA) in Azure and provide guidance on securing it with…
Penetration Testing Your Cloud Environment
Discover how to validate cloud security with expert Paul Burkeland and team, exploring cloud attack surfaces, traditional vs. cloud penetration tests, and…
Insecure by Default: The Hidden Complexities of Cloud Security
Join experts from our Cloud Security and Hardening teams to gain practical insights for how to enhance your own cloud security posture.
Black Hat USA Training - Adversary Tactics and Threat Hunting
During our Black Hat training, you will learn hands-on attacks that directly correlate to industry relevant TTPs, while performing threat hunting exercises and…
Live Discord AMA – Gone Phishing: AI in Pentesting
Join us for an exclusive live Discord session on Thursday, July 24 at 11:00AM ET/10:00AM CT with Senior Security Consultants Kelsey Segrue and Skyler Tuter!…
Measuring Effectiveness for Business Resilience
Testing and assessing security effectiveness is a core component of business resilience. Learn why this type of testing can help ensure you're protecting your…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
