Skip to Main Content

Justin Vaicaro

Principal Incident Response Consultant

EXPERIENCE
Justin has 12 years combined military experience serving in both the Marine Corps and Air Force. He has 25 years of experience within the Information Technology industry, with the last 15 years solely focused on security engineering. Justin has worked in various industries, including Internet Service Provider, eCommerce, Pharmaceutical, Automotive, and Aviation. He has held various roles throughout his career, but his technical strength is derived from his vast network engineering experience. His security knowledge is diverse, but his current focus is on Security Architecture and Design, Incident Response, Malware Reversing, Threat Hunting, Threat Intelligence, and Security Operations. He also does a significant amount of research around trending offensive techniques, tactics, and procedures in order to strengthen his defensive mindset.

EDUCATION & CERTIFICATIONS

  • Bachelor of Arts: Computer Information Systems & Business Administration, Florida Institute of Technology
  • Certified Information System Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • GIAC Certified Forensic Analyst (GCFA)
  • Certified Reverse Engineering Analyst (CREA)
  • Offensive Wireless Security Professional (OWSP)

PROFESSIONAL AFFILIATIONS

  • ISC2 (Orange County, CA Chapter)
  • ISACA (Orange County, CA Chapter)
  • ISSA (Orange County, CA Chapter)
  • LETHAL (Orange County Hacker Meetup Group)

INDUSTRY CONTRIBUTIONS
Justin has a patent issued for his specialized work around aircraft in-flight-entertainment data security monitoring methodologies and techniques: Methods and Systems for Monitoring Computing Devices on a Vehicle: US Patent No. US9813911B2

PASSION FOR SECURITY
Justin’s passion for security started early in his network engineering career with his exposure to wireless security. His overall passion for security is what consistently pushes him outside of his comfort zone, to keep learning, and to continually work on specializing in new areas within the security industry. His favorite part about being a security professional is the consistent and constant drive to face new challenges.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Webinars August 19 2020

Continuous Threat Hunting: A Practical Webinar

Join Pargman and Vaicaro in this joint webinar to gain practical strategies that can be used to increase the detection capabilities of a security operations…

Read about this article
Webinars February 16 2022

Threat Hunting Lessons You Won’t Learn From Guides and Whitepapers

Join TrustedSec Incident Responders Justin Vaicaro, Leo Bastidas, and Ashley Pearson as they share anecdotes and practical information about their experiences…

Read about this article
Webinars May 17 2023

Elevate Your Threat Hunting Program: Actionable Advice from IR Experts

Join veteran Threat Hunters Justin Vaicaro and Ashley Pearson as they share their experience working with businesses to build and fine-tune their threat…

Read about this article
Blog April 25 2023

Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 3 – Network Analysis and Tooling)

Within the first two installments of this series, we identified the key to successful incident preparation starts with making sure a solid incident triage…

Read about this article
Blog April 20 2023

Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 2 – Incident Assessment and Windows Artifact Processing)

In Part 1 of this series, we identified that there are three (3) key parts to successful incident preparation: ensuring that a solid incident triage process is…

Read about this article
Blog April 18 2023

Incident Response Rapid Triage: A DFIR Warrior's Guide (Part 1 – Process Overview and Preparation)

In this series, I will be discussing how to handle an incident with the speed and precision of a DFIR warrior. With a rapid triage mindset, you'll be able to…

Read about this article
Blog February 07 2023

ESXiArgs: What you need to know and how to protect your data

Threat Overview Around February 03, 2023, a ransomware campaign called “ESXiArgs” emerged that targeted Internet-facing VMware ESXi servers running versions…

Read about this article
Webinars December 18 2024

The Lost Underground

Join TrustedSec Principal Security Consultant Mike Felch for an eye-opening journey into the lost underground, where ingenuity, disobedience, and complexity…

Read about this article
Webinars December 04 2024

BEC Basics: Your First Step to Thwarting Email Scams

Join Senior Security Consultant Steven Erwin and Security Consultant Caroline Fenstermacher as they cover the basics of BEC analysis, providing participants…

Read about this article
Blog December 03 2024

Discovering a Deserialization Vulnerability in LINQPad

Like most red teamers, I spend quite a lot of time looking for novel vulnerabilities that could be used for initial access or lateral movement. Recently, my…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.