Ben Mauch

Team Lead, Defense & Countermeasures


Ben has been working in technology and development for over 20 years. He spent 13 years doing defense in the medical industry before moving over to the offense. He uses his knowledge of defense in order to refine his offensive skills and then uses this knowledge to equip customers with a better understanding of defensive methodologies.

Education & Certifications

GIAC Certified Penetration Tester (GPEN)

Professional Affiliations

Board Member for Secure Chicago, LLC

Passion for Security

Ben has dedicated himself to the security industry for the past 15 years. He speaks at several conferences a year across the US and he has presented in Oslo, Norway. Ben is active in the security community by offering talks, training, and encouraging new people to get involved. Ben has released open source tools including The PoshSec Framework, HoneyCreds, and Not PowerShell (nps) which are designed to help organizations refine their security posture.

Recent Blog Posts

kerberoast attacks graphic

The Art of Detecting Kerberoast Attacks

As a former defender, there is a sense of “happiness” when I can put defenses in place that allow you to detect attacks and potential indicators of compromise (IoC). It’s like those old spy toys you would get as a kid that had the “laser” light and would make a sound if the light beam...
TrustedSec Blogs + Articles logo

New Tool Release: NPS_Payload

Over the past year, we have seen a lot of research come out which highlights several of Microsoft’s native binaries which can be leveraged by an attacker to compromise or gain access to a system. One of these binaries, msbuild.exe, has proven very reliable in allowing us to gain a shell on a host in...
View all posts from Ben

Recent Webinars

Deception And Discovery: How Attackers Hide Backdoor Accounts (And How Defenders Find Them)

THIS WEBINAR WAS RECORDED ON JULY 7, 2021. Approaching an attack from all angles—conducting, detecting, and defending against them—can be a key element for strengthening the capabilities of security teams via Purple Team exercises and collaborative learning. However, finding practical...

Improving SIEM and MSSP Performance

Recorded on Wednesday, December 9, 2020. The goal of the Security Information and Event Management (SIEM), and theSecurity Operations Center (SOC) or Managed Security Service Provider (MSSP) that manage it, is to relay actionable intelligence that enables security teams to...

Going Purple: Measurably improving your security posture with Purple Team engagements

Recorded August 21, 2019 at 1 P.M. EST Adversaries continue to morph tactics and identify new ways of attacking organizations. Whether emulating a perimeter breach or the more popular phishing attack on the user population, it has never been more...
View all webinars from Ben
Ben Mauch

Want to work with Ben Mauch or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us