Geoff Walton

Practice Lead, Application Security

Experience

Geoff Walton is a Senior Security Consultant for Cleveland-based TrustedSec. He joined TrustedSec’s founder, David Kennedy, after years of working in information security. Geoff’s expertise in pen testing, network security, and software analysis comes from over ten years experience in a variety of information technology roles including software development, network operations, and information security specific functions; Geoff brings a broad vision to assessments and penetration test engagements. Geoff has been part of diverse IT teams at organizations both large and small. He has experience across several industries including retail, professional services, and manufacturing. Geoff has experience in performing static code analysis of mainframe code base to including Cobol. Geoff holds a degree in Information Science (cum Laude) from Baldwin Wallace College. Professionally Geoff has had an active role in developing information Security practices and has been responsible for network operations and security architecture throughout his career.

Education & Certifications

B.S. Information Science, minor Computer Science Baldwin Wallace College CISSP

Industry Contributions

Developer, DerbyCon CTF Administrator, DerbyCon CTF

Passion for Security

Geoff has been responsible for a number of professional accomplishments including having sole assessment responsibility for environments such as financial institutions, Internet Companies, and Universities. His assessment experience includes clients in multiple lines of business ranging from healthcare, finance, insurance, education, and software development.

Recent Blog Posts

More Options for Response Modification -With ResponseTinker

By Geoff Walton
In Application Security Assessment, Mobile Security Assessment, Security Testing & Analysis
As the web application footprint migrates client-side, tools to thoroughly analyze and test client behavior are becoming increasingly important. Burp Suite has made some great strides in this direction with their browser-based enhancements to crawling and scanning, but when it comes time to really dig into the particulars for research, we are still very much...
Read

Fuzzing the Front End!

By Geoff Walton
In Application Security Assessment, Mobile Security Assessment
So, who is testing the client-side components of Single Page Applications (SPAs)? What are you doing exactly, dropping a few cross-site scripting (XSS) polyglots into boxes like you used to do with “<ScRiPt>alert(123)</sCrIpT>” for traditional apps back in 2001?  Are you mostly holding out hope that all big problems will be in the back-end APIs?...
Read

Prepare to Write A Scanner Plugin Before Your Next Platform Test!

By Geoff Walton
In Application Security Assessment
BurpSuite is a remarkably extensible platform. While I have written a number of extensions for testing specific applications, as well as more general extensions, one type of extension I had never attempted before was creating my own BurpSuite Scanner plugin. Because modern applications are increasingly difficult to exhaustively test for certain types of issues, I...
Read
View all posts from Geoff

Recent Webinars

Seeing the Entire Software Security Picture

During this practical webinar, the TrustedSec Software Security Team will provide a basic introduction to modern software security and give tips to help get the most out of your organization’s next security assessment. We’ll examine how the practice of software...
Watch
View all webinars from Geoff

Recent Podcasts

TrustedSec Security Podcasts

Who is Reading Your Gmail?

August 12, 2022

Privacy Screen

August 12, 2022

A Nice Relaxing Dip into Powershell

August 12, 2022

Want to work with Geoff Walton or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us