Skip to Main Content

Zach Bevilacqua

Security Consultant

EXPERIENCE
Zach Bevilacqua found his calling in Information Security after building a career in various PC repair positions before moving to System Administration and Engineering. Zach served as a subject matter expert for a Security Operations Center and fulfilled roles as a detection engineer and security controls tester, which allowed him to cover many aspects of Information Security.

EDUCATION & CERTIFICATIONS

  • Offensive Security Certified Professional (OSCP)

INDUSTRY CONTRIBUTIONS
Zach has spoken at several conferences on topics ranging from threat hunting to building a detection and response program in the enterprise.

PASSION FOR SECURITY
Early in his career, Zach was interested in the offensive side of security. While working toward that goal, he learned about the world of Information Security and his place within it. Zach is driven by learning how things are broken and fixed and enjoys sharing his knowledge with others.

Featured Blogs And Resources

Discover the blogs, analysis, webinars, and podcasts by this team member.

Blog January 25 2024

From Zero to Purple

IntroductionFor any Purple Team, or team using offensive techniques for defensive purposes, we need to make sure we are developing new techniques based on…

Read about this article
Blog January 18 2024

Engagement Guide: How to Prepare for Your Purple Team

After performing many Purple Team engagements with organizations ranging from large enterprise networks to small-to-medium businesses, we've found that the…

Read about this article
Blog July 13 2023

Modeling Malicious Code: Hacking in 3D

Introduction Attackers are always looking for new ways to deliver or evade detection of their malicious code, scripts, executables, and other tools that will…

Read about this article
Webinars February 05 2025

2024 Conference Roundup

Join our panelists David Kennedy, Justin Elze, Jason Lang, and Oddvar Moe for their firsthand accounts and perspectives on what people were talking about at…

Read about this article
News January 21 2025

TrustedSec Tech Brief - January 2025

Carlos Perez walks us through several major vulnerabilities and patches from early January 2025, including a critical Fortinet FortiGate zero-day vulnerability.

Read about this article
Podcasts January 17 2025

Security Noise - Episode 7.9

On this episode of the Security Noise Podcast, we discuss user enumeration on Azure and "presence data" in Microsoft Teams with nyxgeek.

Read about this article
Webinars January 15 2025

DOD Contract Compliance: DFARS 7012 and CMMC

Advisory Compliance Practice Lead Chris Camejo will take a deep dive into the Department of Defense requirements for protecting FCI and CUI.

Read about this article
Blog January 14 2025

Command Line Underdog: WMIC in Action

My typical engagements are mostly Red Teams, so I do not often get a chance to play with terminal server application breakouts—but on a recent engagement, I…

Read about this article
Blog January 07 2025

Solving NIST Password Complexities: Guidance From a GRC Perspective

Not another password change! Isn’t one (1) extra-long password enough? As a former Incident Response, Identity and Access Control, and Education and Awareness…

Read about this article
Podcasts December 20 2024

Security Noise - Episode 7.8

Farewell 2024

Read about this article

Empower your business through better security design.

Talk directly with our experienced advisory consultants to learn how we can help.