EXPERIENCE
Mitch spent over eight years at the U.S. Department of Homeland Security focusing on physical infrastructure security. Now, he helps organizations secure their IT infrastructure through continuous security, secure software development, and the adoption of DevSecOps.
EDUCATION & CERTIFICATIONS
- Bachelor of Science: Emergency Administration & Planning, University of North Texas
- AWS Certified DevOps Engineer: Professional
- AWS Certified Security: Specialty
PROFESSIONAL AFFILIATIONS
- Information Systems Security Association International (ISSA)
- Cloud Security Alliance (CSA): Colorado Chapter
PASSION FOR SECURITY
Mitch is passionate about operational resilience and continuous security. He is also a fighter of normalcy bias and is in constant search of the best exit.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Securing Your Software Supply Chain
Join Senior Security Engineer Mike Spitzer and DevSecOps Security Consultant Mitch Parish to review the challenges of integrating security controls in the…
Securing Cloud Native Applications With DevSecOps
Join Managing Director of Remediation Services Paul Sems and DevSecOps Security Consultant Mitch Parish as they discuss the challenges and identify solutions…
Insecure by Default: The Hidden Complexities of Cloud Security
Join experts from our Cloud Security and Hardening teams to gain practical insights for how to enhance your own cloud security posture.
BEC Basics: Your First Step to Thwarting Email Scams
Attackers never stop evolving their business email compromise (BEC) tactics, leveraging phishing, credential harvesting, and email spoofing to infiltrate…
Actionable Purple Team Simulation Online Training (November 7-8)
Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…
Ask Me Anything: Advanced Cloud Pen Testing Scenarios
Cloud Penetration Tests are a critical component of cloud security, but integrating other testing methods can take the assessment to the next level. Adding…
Offensively Groovy
On a recent red team engagement, I was able to compromise the Jenkins admin user via retrieving the necessary components and decrypting credentials.xml. From…
Security Noise - Episode 7.4
Who's On My Network?
Spec-tac-ula Deserialization: Deploying Specula with .NET
Earlier this year, I gave a talk at Steelcon on .NET deserialization and how it can be used for Red Team ops. That talk focused on the theory of .NET…
Calculating Business Impact
In today’s digital landscape, gaining a deep understanding of how cybersecurity threats can affect business-critical systems is crucial for maintaining…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
