Skip to Main Content

Justin Elze

CTO, Director of Research

Justin Elze is currently serving as Chief Technology Officer at TrustedSec. Over his 8 years with the company as an InfoSec expert, Justin has used his vast expertise in enterprise penetration testing, network security, social engineering, and red teaming to identify clients’ vulnerabilities and ultimately, protect their technology infrastructure. Prior to becoming CTO, Justin held the roles of Director of Innovation, Research, and Advanced Testing and Principal Security Consultant for TrustedSec.

With more than a decade of experience in the IT industry, Justin’s expertise is increasingly sought out by others in the field. He has taught at Black Hat and spoken at DerbyCon, where he also served on the CFP Review Board, and is also featured as an industry leader in the published books Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World and Tribe of Hackers Red Team: Tribal Knowledge from the Best in Offensive Cybersecurity.

Prior to joining TrustedSec, Justin was a Senior Penetration Tester for Accuvant LABS, Optiv, Dell SecureWorks, and Redspin, where he led numerous red team engagements and penetration tests. He has worked across a variety of industries, including roles for ISPs, hosting companies, Department of Defense contracting companies, and consulting companies. Today, he leans on what he learned throughout his roles in various capacities to inform his choices as CTO and further his thought leadership in the industry.

Outside of his work experience and “ethical hacker” persona, Justin is passionate about building, tuning, and racing cars (and, yes, occasionally hacking them) and spending time with his 3 dogs. You can find his latest musings—security-related and otherwise—on his Twitter account, @HackingLZ.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog May 18 2023

Walking the Tightrope: Maximizing Information Gathering while Avoiding Detection for Red Teams

Analyze the balance between gaining useful information and avoiding detection, detailing recon techniques that can be employed without compromising stealth.…

Read about this article
Blog March 17 2023

Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)

Threat Overview Earlier this week, Microsoft released a patch for Outlook vulnerability CVE-2023-23397, which has been actively exploited for almost an entire…

Read about this article
Webinars March 15 2023

Ask Me Anything: Penetration Testing Innovations and Insights

Join David Kennedy, Founder & Chief Hacking Officer, and Justin Elze, CTO & Director of Research, for a live webinar in which they’ll answer your questions…

Read about this article
Webinars December 14 2021

Log4j: Live Update Webcast

During the webcast, we will be joined by David Kennedy, TrustedSec CEO & Binary Defense CTO, Randy Pargman, Binary Defense Vice President of Threat Hunting &…

Read about this article
Blog May 23 2024

Assumed Breach: The Evolution of Offensive Security Testing

The goal of this post is singular: inform you (innocent reader, client, or competitor) about how we at TrustedSec are attempting to meet specific industry…

Read about this article
Blog May 16 2024

JS-Tap Mark II: Now with C2 Shenanigans

JS-Tap is a tool intended to help red teams attack web applications. I recently blogged about the data collection capabilities in JS-Tap version 1.0, and data…

Read about this article
Blog May 14 2024

Introducing Meta-Detector

In this blog post, I’m going to discuss a new Open-Source Intelligence (OSINT) tool I created to assist with collecting information about target organizations…

Read about this article
Blog May 09 2024

Most Reported Web Findings of 2023

I reviewed the findings from the application and API assessments that the TrustedSec Software Security Team conducted during 2023 to see what issues we were…

Read about this article
Blog May 02 2024

XZ Utils Made Me Paranoid

On March 28, 2024, the news about the XZ Utils backdoor came out. Since then, I’ve been thinking about how we could identify these backdoors before packages…

Read about this article
Blog April 30 2024

The Midnight Alert: Navigating the Dark Web Data Dilemma

In the dead of night, an ominous message hits your inbox: "Your company's sensitive data is for sale on the dark web." As the Chief Information Security…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.