Skip to Main Content

Scott Nusbaum

Principal Research Analyst

Scott Nusbaum has over 25 years of experience in software development and 16 years in Information Security. He has experience ranging from material handling and banking to the defense industry.


  • Bachelor of Science, Computer Engineering, University of Cincinnati
  • Master of Science, Computer Science, Cyber Informatics, University of Cincinnati
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Exploit Developer (OSED)
  • Offensive Security Experienced Professional (OSEP)
  • GIAC Reverse Engineering Malware (GREM)

Scott has contributed to InfoSec conferences to share his knowledge with the community, including Queen City Con 2023, Texas Cyber Summit 2023, the Ohio Information Security Forum, and as an Adjunct Instructor at the University of Cincinnati.

Scott has always been fascinated with computers and software. He started programming in elementary school and has never stopped. Scott is passionate about learning the internal workings of software and systems. This led to reverse engineering, malware, exploits, and CTF.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog January 30 2024

Burrowing a Hollow in a DLL to Hide

1    Burrowing a Hollow in a DLL to Hide In this post about common malware techniques, we are still talking about hollowing—but this time, instead of hollowing…

Read about this article
Webinars July 01 2021

The Ransomware Environment: Going Beyond the Headlines

Join Kennedy and Nusbaum for this interactive webinar that will dive deeper into how these attacks are carried out and how organizations can be prepared.

Read about this article
Webinars March 08 2023

Who’s Winning the Red vs. Blue Team Arms Race

Join experts Adam Compton—Principal Penetration Testing Consultant, Phil Rowland—Remediation Practice Lead, and Scott Nusbaum—Principal Advanced Research…

Read about this article
Blog June 16 2023

Obfuscation Using Python Bytecode

1.1   Introduction I love when I get tossed a piece of unique malware. Most of the time, malware is obfuscated using PowerShell or a dropper written in C. This…

Read about this article
Blog May 30 2023

PPID Spoofing: It’s Really this Easy to Fake Your Parent

1 New Blog Series on Common Malware Tactics and Tricks This will be the first post in a series of blogs covering some common malware tactics and tricks. The…

Read about this article
Blog February 08 2023

ESXiArgs: The code behind the ransomware

1 Deep Dive into an ESXi Ransomware TrustedSec’s Nick Gilberti wrote a great blog covering the ESXi ransomware’s shell script here. However, in this blog, we…

Read about this article
Blog January 31 2023

New Attacks, Old Tricks: How OneNote Malware is Evolving

1    Analysis of OneNote Malware A lot of information has been circulating regarding the distribution of malware through OneNote, so I thought it would be fun…

Read about this article
Training Resources November 07 2024

Actionable Purple Team Simulation Online Training (November 7-8)

Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…

Read about this article
Training Resources August 03 2024

Black Hat USA Training - Applied Threat Hunting and Detection Engineering

Registration is now open for our Black Hat training on August 3-6, 2024

Read about this article
Events TrustedSec HQ | July 30 2024

ISC2 Cleveland Chapter Member Meeting July 2024

ISC2 Cleveland Chapter July MeetupCome join us for our monthly meetup! The ISC2 Cleveland Chapter is hosting an exciting in-person event for all cybersecurity…

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.