EXPERIENCE
Zach Bevilacqua found his calling in Information Security after building a career in various PC repair positions before moving to System Administration and Engineering. Zach served as a subject matter expert for a Security Operations Center and fulfilled roles as a detection engineer and security controls tester, which allowed him to cover many aspects of Information Security.
EDUCATION & CERTIFICATIONS
- Offensive Security Certified Professional (OSCP)
INDUSTRY CONTRIBUTIONS
Zach has spoken at several conferences on topics ranging from threat hunting to building a detection and response program in the enterprise.
PASSION FOR SECURITY
Early in his career, Zach was interested in the offensive side of security. While working toward that goal, he learned about the world of Information Security and his place within it. Zach is driven by learning how things are broken and fixed and enjoys sharing his knowledge with others.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
From Zero to Purple
Learn how to create and deploy Internet Shortcut files for adversary emulation and detection engineering using Python, SMB, and WebDAV servers, a useful tool…
Engagement Guide: How to Prepare for Your Purple Team
TrustedSec's Purple Team engagements prepare clients for security assessments by identifying gaps in security coverage, logging, and tooling, with offerings…
Modeling Malicious Code: Hacking in 3D
This blog post reveals how attackers can exploit the.3mf file format to smuggle malicious code into an environment, bypassing off-the-shelf detection…
Security Advisory: React2Shell (CVE-2025-55182) - Critical RCE Vulnerability
A critical vulnerability affecting React Server Components (RSC) is being actively exploited. Here's what to look for and what to do next.
Holy Shuck! Weaponizing NTLM Hashes as a Wordlist
Password reuse is common in Active Directory (AD). From an attacker’s perspective, it is a reliable path to lateral movement or privilege escalation. Most IT…
Security Noise - Hacker Family Feud
Our security experts compete to see which team can guess the most popular answers to cybersecurity industry questions on this episode of the TrustedSec…
Research on Windows Accessibility: Narrator.exe
Join us for our next Discord Livestream "Research on Windows Accessibility: Narrator.exe" on December 4 at 11:00AM ET! During this exclusive session, Principal…
What is a TrustedSec Program Maturity Assessment (PMA)?
The TrustedSec PMA is a tactical approach to evaluating the components, efficiency, and overall maturity of an organization’s Information Security…
NIST CSF 2.0 - From Compliance to Confidence
During our next webinar, our experts will cover the latest evolution of the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF),…
KTVU Fox 2 San Francisco - Too good to be true? Cyber Monday Warning
Protect your purchases this Cyber Monday! Director of Advisory Services Chris Camejo speaks with KTVU Fox 2 to share essential tips on how to safeguard your…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
