EXPERIENCE
Shane has been working in computer technology and information security for over 20 years. Some of his recent work includes performing specialized incident analysis on the latest cybercrime activities, producing actionable threat intelligence.
EDUCATION & CERTIFICATIONS
- BA, Business and E-Commerce, University of Phoenix
- MS, Digital Forensics, University of Central Florida
- Certified Information Security Professional (CISSP)
PROFESSIONAL AFFILIATIONS
- Tampa Bay Chapter of (ISC)²
INDUSTRY CONTRIBUTIONS
- Author, Android Malware and Analysis – 2014
- BSides Tampa Presentation – Android Malware and Analysis – 2015
- BSides Tampa Presentation – NFC Your Smart Phone’s Best Friend or Worst Nightmare – 2017
- Video Course – Metasploit Unleashed – 2020
- BSides Tampa Presentation – IOT Insecurities – 2022
PASSION FOR SECURITY
Shane continually shares his industry knowledge through publications and public presentations. Additionally, he is a part-time adjunct professor at the University of South Florida, teaching classes such as Ethical Hacking and Digital Forensics.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Adding Value to a Traditional Penetration Test
Join leaders from TrustedSec’s Advisory, Remediation, and Incident Response teams as they discuss where many programs go wrong, the consequences, and how to…
Prefetch: The Little Snitch That Tells on You
Incident Response and forensic analysts use the contents of prefetch files in investigations to gather information, such as the source from which an executable…
ESXiArgs: What you need to know and how to protect your data
Threat Overview Around February 03, 2023, a ransomware campaign called “ESXiArgs” emerged that targeted Internet-facing VMware ESXi servers running versions…
Back to Basics: The TrustedSec Guide to Strong Cyber Hygiene—Part 2
In the first Back to Basics blog we discussed cyber hygiene and some fundamental security practices one can take to quickly assess their current cybersecurity…
BEC Basics: Your First Step to Thwarting Email Scams
Attackers never stop evolving their business email compromise (BEC) tactics, leveraging phishing, credential harvesting, and email spoofing to infiltrate…
Actionable Purple Team Simulation Online Training (November 7-8)
Learn how to create specific detections to identify early Indicators of Compromise (IOCs) in our online course. Designed for those looking to improve their…
Ask Me Anything: Advanced Cloud Pen Testing Scenarios
Cloud Penetration Tests are a critical component of cloud security, but integrating other testing methods can take the assessment to the next level. Adding…
Offensively Groovy
On a recent red team engagement, I was able to compromise the Jenkins admin user via retrieving the necessary components and decrypting credentials.xml. From…
Security Noise - Episode 7.4
Who's On My Network?
Spec-tac-ula Deserialization: Deploying Specula with .NET
Earlier this year, I gave a talk at Steelcon on .NET deserialization and how it can be used for Red Team ops. That talk focused on the theory of .NET…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
