EXPERIENCE
Justin Elze is currently serving as Chief Technology Officer at TrustedSec. Over his 8 years with the company as an InfoSec expert, Justin has used his vast expertise in enterprise penetration testing, network security, social engineering, and red teaming to identify clients’ vulnerabilities and ultimately, protect their technology infrastructure. Prior to becoming CTO, Justin held the roles of Director of Innovation, Research, and Advanced Testing and Principal Security Consultant for TrustedSec.
With more than a decade of experience in the IT industry, Justin’s expertise is increasingly sought out by others in the field. He has taught at Black Hat and spoken at DerbyCon, where he also served on the CFP Review Board, and is also featured as an industry leader in the published books Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World and Tribe of Hackers Red Team: Tribal Knowledge from the Best in Offensive Cybersecurity.
Prior to joining TrustedSec, Justin was a Senior Penetration Tester for Accuvant LABS, Optiv, Dell SecureWorks, and Redspin, where he led numerous red team engagements and penetration tests. He has worked across a variety of industries, including roles for ISPs, hosting companies, Department of Defense contracting companies, and consulting companies. Today, he leans on what he learned throughout his roles in various capacities to inform his choices as CTO and further his thought leadership in the industry.
Outside of his work experience and “ethical hacker” persona, Justin is passionate about building, tuning, and racing cars (and, yes, occasionally hacking them) and spending time with his 3 dogs. You can find his latest musings—security-related and otherwise—on his Twitter account, @HackingLZ.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Walking the Tightrope: Maximizing Information Gathering while Avoiding Detection for Red Teams
Understanding network reconnaissance without detection is crucial in commercial testing, leveraging tools like BloodHound and scripts to gather valuable…
Critical Outlook Vulnerability: In-Depth Technical Analysis and Recommendations (CVE-2023-23397)
Protect your organization from the Microsoft Outlook CVE-2023-23397 vulnerability with expert guidance and a simple remediation script.
Ask Me Anything: Penetration Testing Innovations and Insights
Join David Kennedy & Justin Elze for a live Q&A on penetration testing, tackling the ever-changing tactics used by attackers, and get answers to your burning…
Log4j: Live Update Webcast
Learn how to detect and respond to the Log4j vulnerability with experts from TrustedSec & Binary Defense, including David Kennedy, during our live webcast.
PCI DSS, Telephone Payments, and the Problems With VoIP
Merchants have been accepting payment cards over telephones for a long time, but changing interpretations of VoIP guidance have led to confusion about which…
Shai-Hulud Is Back, and This Time It Ate the Whole Ecosystem
Same worm, different wave. In our new blog, Director of Security Intelligence Carlos Perez covers Shai-Hulud, how this supply-chain malware can eat your whole…
Coverage-Driven Sustained Testing (CDST): A Graph-Oriented Model for Open-Ended Agentic Workflows
1.1 IntroductionRalph is a solid tool that makes agents do…more. It's defined as: an autonomous AI agent loop that runs repeatedly until all PRD items are…
Finding Your Way on the Passkey Path
Ready to ditch passwords for good, but not sure where to start? Introducing Passkey Path, a choose-your-own-adventure guide to transitioning from passwords to…
Slamming the Door on Quick Assist Tech Support Scams and Abuse
Tech support scams are simple by design—just a trusted tool and a convincing story. We break down Microsoft Windows Quick Assist as an attack vector, detection…
GRC in an AI World - Staying in the Fast Lane Without Losing the Race!
Artificial Intelligence (AI) is the new buzz word on the streets. It’s becoming “the best thing since sliced bread” in the IT world and is being used by…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
