Skip to Main Content

Scott Nusbaum

Principal Research Analyst

Scott Nusbaum has over 25 years of experience in software development and 16 years in Information Security. He has experience ranging from material handling and banking to the defense industry.


  • Bachelor of Science, Computer Engineering, University of Cincinnati
  • Master of Science, Computer Science, Cyber Informatics, University of Cincinnati
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Exploit Developer (OSED)
  • Offensive Security Experienced Professional (OSEP)
  • GIAC Reverse Engineering Malware (GREM)

Scott has contributed to InfoSec conferences to share his knowledge with the community, including Queen City Con 2023, Texas Cyber Summit 2023, the Ohio Information Security Forum, and as an Adjunct Instructor at the University of Cincinnati.

Scott has always been fascinated with computers and software. He started programming in elementary school and has never stopped. Scott is passionate about learning the internal workings of software and systems. This led to reverse engineering, malware, exploits, and CTF.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog January 30 2024

Burrowing a Hollow in a DLL to Hide

1    Burrowing a Hollow in a DLL to Hide In this post about common malware techniques, we are still talking about hollowing—but this time, instead of hollowing…

Read about this article
Webinars July 01 2021

The Ransomware Environment: Going Beyond the Headlines

Join Kennedy and Nusbaum for this interactive webinar that will dive deeper into how these attacks are carried out and how organizations can be prepared.

Read about this article
Webinars March 08 2023

Who’s Winning the Red vs. Blue Team Arms Race

Join experts Adam Compton—Principal Penetration Testing Consultant, Phil Rowland—Remediation Practice Lead, and Scott Nusbaum—Principal Advanced Research…

Read about this article
Blog June 16 2023

Obfuscation Using Python Bytecode

1.1   Introduction I love when I get tossed a piece of unique malware. Most of the time, malware is obfuscated using PowerShell or a dropper written in C. This…

Read about this article
Blog May 30 2023

PPID Spoofing: It’s Really this Easy to Fake Your Parent

1 New Blog Series on Common Malware Tactics and Tricks This will be the first post in a series of blogs covering some common malware tactics and tricks. The…

Read about this article
Blog February 08 2023

ESXiArgs: The code behind the ransomware

1 Deep Dive into an ESXi Ransomware TrustedSec’s Nick Gilberti wrote a great blog covering the ESXi ransomware’s shell script here. However, in this blog, we…

Read about this article
Blog January 31 2023

New Attacks, Old Tricks: How OneNote Malware is Evolving

1    Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun…

Read about this article
Training Resources May 02 2024

Actionable Purple Team Simulation Online Training (May 2-3)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Events Kennedy Space Center, Florida | April 10 2024

Hack Space Con 2024

Founder and CEO David Kennedy is the keynote speaker at this year's Hack Space Con! We are also proud to sponsor this event.

Read about this article
Webinars March 06 2024

Ask Me Anything: Securing Defense Contracts Through CMMC Compliance

Join Chris Camejo, Practice Lead, Advisory's Compliance Services, and Rick Yocum, Managing Director of Advisory Services, for an ‘Ask Me Anything’ discussion…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.