EXPERIENCE
Before joining TrustedSec, Paul Sems excelled at leading organizations in technology and executive leadership roles. He is a lifelong hacker with extensive experience assisting a wide range of organizations in meeting technology and security challenges.
Paul was the senior executive responsible for IT at Vitamix, a manufacturer and marketer of high-end blending products for both the foodservice industry and the consumer market. While at Vitamix, Paul built a world-class IT organization to support a half-billion dollar global enterprise. He initiated and managed the implementation of multiple business solutions that have been the foundation for significant growth and stability within the organization. Under his leadership, the organization selected, implemented, and supported solutions that proved to be a significant business enabler, supporting the massive growth that Vitamix experienced during his 10-year tenure.
At TrustedSec, Paul built and currently leads the Remediation Services team, which focuses on hardening environments before security incidents happen and helping firms remediate issues after a real or simulated breach. The team is focused on providing pragmatic solutions that improve clients' security postures.
EDUCATION & CERTIFICATIONS
Throughout this career, Paul has held other roles, including business owner, CTO, COO, network engineer, and product development engineer. He received a Master of Business Administration degree from Case Western Reserve University and a Bachelor of Science degree in Computer Science from The University of Akron. He is an inventor of U.S. Patent US20160220973A1.
Featured Blogs And Resources
Discover the blogs, analysis, webinars, and podcasts by this team member.
Securing Cloud Native Applications With DevSecOps
Join Managing Director of Remediation Services Paul Sems and DevSecOps Security Consultant Mitch Parish as they discuss the challenges and identify solutions…
Insecure by Default: The Hidden Complexities of Cloud Security
Join experts from our Cloud Security and Hardening teams to gain practical insights for how to enhance your own cloud security posture.
A More Efficient Attack Path Effectiveness Assessment
Join Director of Advisory Innovations Rockie Brockway as he discusses the history of this unique offering and learn about how the evolution of this tool has…
Oklahoma's News 4 - Edmond man receives scary threatening phone call scam
Managing Director of Remediation Services Paul Sems spoke to Oklahoma's News 4 about the recent uptick in threatening voice cloning scams and ways you can…
Defending Backups Against Ransomware
Join Security Consultant Mike Owens and Remediation Director Paul Sems who will discuss how ransomware attackers are going after backups, identify common…
Offensively Groovy
On a recent red team engagement, I was able to compromise the Jenkins admin user via retrieving the necessary components and decrypting credentials.xml. From…
Spec-tac-ula Deserialization: Deploying Specula with .NET
Earlier this year, I gave a talk at Steelcon on .NET deserialization and how it can be used for Red Team ops. That talk focused on the theory of .NET…
Let’s Clone a Cloner - Part 2: You Have No Power Here
Previously on Let's Clone a Cloner, I needed a long-range RFID badge cloner. There are many walkthroughs out there on how to build a cloner that are fantastic,…
EKUwu: Not just another AD CS ESC
TL;DR - Using built-in default version 1 certificate templates, an attacker can craft a CSR to include application policies that are preferred over the…
Kicking it Old-School with Time-Based Enumeration in Azure
IntroductionYet another user-enumeration method has been identified in Azure. While Microsoft may have disabled Basic Authentication some time ago, we can…
Empower your business through better security design.
Talk directly with our experienced advisory consultants to learn how we can help.
