Skip to Main Content

Joe Sullivan

Senior Security Consultant

EXPERIENCE
Joe has over 20 years of experience in Information Security. He has worked in Incident Response, forensics, penetration testing, and security leadership as a CISO for a financial institution.

EDUCATION & CERTIFICATIONS

  • GIAC Penetration Tester (GPEN)
  • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Security Leadership (GSLC)
  • GIAC Cloud Penetration Tester (GCPN)
  • GIAC Public Cloud Security (GPCS)
  • GIAC Certified Web Application Penetration Tester (GWAPT)
  • Certified Information Systems Security Professional (CISSP)
  • CNSSI 4012 Senior Systems Manager
  • CNSSI 4013 System Administrator in Information Systems Security
  • CNSSI 4014 Information Systems Security Officer
  • NSTISSI 4011 Information Systems Security Professional
  • NSTISSI 4015 Systems Certifier

PROFESSIONAL AFFILIATIONS

  • GIAC Advisory Board, ISC2 

Joe also teaches leadership courses for the SANS Institute.

INDUSTRY CONTRIBUTIONS
Joe has presented at security conferences including Check Point CPX, Information Warfare Summit, and BSides.

PASSION FOR SECURITY
Joe’s passion for security started in Incident Response and forensics in the late ‘90s. Since then, he has developed a passion for offensive security, security leadership, and teaching others.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog September 21 2023

Basic Authentication Versus CSRF

I was recently involved in an engagement where access was controlled by Basic Authentication. One (1) of the findings I discovered was a Cross-Site Request…

Read about this article
Blog June 27 2023

Introducing CoWitness: Enhancing Web Application Testing With External Service Interaction

As a web application tester, I encounter a recurring challenge in my work: receiving incomplete responses from Burp Collaborator during DNS and HTTP response…

Read about this article
Webinars December 04 2024

BEC Basics: Your First Step to Thwarting Email Scams

Attackers never stop evolving their business email compromise (BEC) tactics, leveraging phishing, credential harvesting, and email spoofing to infiltrate…

Read about this article
Training Resources November 07 2024

Actionable Purple Team Simulation Online Training (November 7-8)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Webinars October 16 2024

Calculating Business Impact

In today’s digital landscape, gaining a deep understanding of how cybersecurity threats can affect business-critical systems is crucial for maintaining…

Read about this article
Events Deadwood, SD | October 09 2024

Wild West Hackin' Fest 2024

TrustedSec is happy to return as a sponsor for Wild West Hackin' Fest in 2024! Visit us at our booth at the Deadwood Mountain Grand. Principal Security…

Read about this article
Blog October 08 2024

EKUwu: Not just another AD CS ESC

TL;DR - Using built-in default version 1 certificate templates, an attacker can craft a CSR to include application policies that are preferred over the…

Read about this article
News October 08 2024

The New York Sun - Elon Musk’s Starlink Brings Lifesaving Contact to Appalachia in Aftermath of Hurricane Helene

Thousands of Starlink satellites have been installed across some of the most isolated regions since Hurricane Helene devastated parts of Appalachia. Advisory…

Read about this article
News October 08 2024

WWL First News - How Secure Are Your Passwords?

Good password hygiene is essential to keeping your accounts safe. Advisory Solutions Director Alex Hamerstone spoke with WWL First News about steps you can…

Read about this article
Podcasts October 04 2024

Security Noise - Episode 7.3

Security Outlook: Cloudy

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.