Skip to Main Content

Joe Sullivan

Senior Security Consultant

Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.


  • GIAC Penetration Tester (GPEN)
  • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Leadership (GSLC)
  • GIAC Cloud Penetration Tester (GCPN)
  • GIAC Public Cloud Security (GPCS)
  • GIAC Certified Web Application Penetration Tester (GWAPT)
  • Certified Information Systems Security Professional (CISSP)
  • CNSSI 4012 Senior Systems Manager
  • CNSSI 4013 System Administrator in Information Systems Security
  • CNSSI 4014 Information Systems Security Officer
  • NSTISSI 4011 Information Systems Security Professional
  • NSTISSI 4015 Systems Certifier


  • GIAC Advisory Board, ISC2 

Joe also teaches leadership courses for the SANS Institute.

Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.

Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog September 21 2023

Basic Authentication Versus CSRF

I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…

Read about this article
Blog June 27 2023

Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction

As a web application tester, I encounter a recurring challenge in my work: receiving incomplete responses from Burp Collaborator during DNS and HTTP response…

Read about this article
Training Resources May 02 2024

Actionable Purple Team Simulation Online Training (May 2-3)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Events Kennedy Space Center, Florida | April 10 2024

Hack Space Con 2024

Founder and CEO David Kennedy is the keynote speaker at this year's Hack Space Con! We are also proud to sponsor this event.

Read about this article
Webinars March 06 2024

Ask Me Anything: Securing Defense Contracts Through CMMC Compliance

Join Chris Camejo, Practice Lead, Advisory's Compliance Services, and Rick Yocum, Managing Director of Advisory Services, for an ‘Ask Me Anything’ discussion…

Read about this article
News March 01 2024

Forbes - How This Professional Hacker Built Two Cybersecurity Firms In His 30s

David Kennedy, the CEO and founder of TrustedSec, joins Rosemarie Miller on "New Money" to discuss his pivot from being in the U.S. marines to becoming a…

Read about this article
News February 28 2024

WWL First News - A cyberattack has disrupted prescription drug orders around the country

Advisory Solutions Director Alex Hamerstone spoke with WWL New Orleans about the recent cyberattack that disrupted prescription drug orders around the country.

Read about this article
Events TrustedSec HQ | February 27 2024

ISC2 February Member Meeting 2024

Join us at the TrustedSec HQ for the monthly ISC2 Cleveland Chapter member meeting!

Read about this article
Blog February 27 2024

Weaponization of Token Theft – A Red Team Perspective

This blog is the start of several deep dives into the weaponization of token theft. The focus of this blog will be on conditional access around devices and…

Read about this article
Podcasts February 23 2024

Security Noise - Episode 6.15

OSINT: Digital Detective or Cyber Stalking?

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.