Geoff Walton

Principal Security Consultant


Geoff Walton is a Senior Security Consultant for Cleveland-based TrustedSec. He joined TrustedSec’s founder, David Kennedy, after years of working in information security. Geoff’s expertise in pen testing, network security, and software analysis comes from over ten years experience in a variety of information technology roles including software development, network operations, and information security specific functions; Geoff brings a broad vision to assessments and penetration test engagements. Geoff has been part of diverse IT teams at organizations both large and small. He has experience across several industries including retail, professional services, and manufacturing. Geoff has experience in performing static code analysis of mainframe code base to including Cobol. Geoff holds a degree in Information Science (cum Laude) from Baldwin Wallace College. Professionally Geoff has had an active role in developing information Security practices and has been responsible for network operations and security architecture throughout his career.

Education & Certifications

B.S. Information Science, minor Computer Science Baldwin Wallace College CISSP

Industry Contributions

Developer, DerbyCon CTF Administrator, DerbyCon CTF

Passion for Security

Geoff has been responsible for a number of professional accomplishments including having sole assessment responsibility for environments such as financial institutions, Internet Companies, and Universities. His assessment experience includes clients in multiple lines of business ranging from healthcare, finance, insurance, education, and software development.

Recent Blog Posts

Prepare to Write A Scanner Plugin Before Your Next Platform Test!

BurpSuite is a remarkably extensible platform. While I have written a number of extensions for testing specific applications, as well as more general extensions, one type of extension I had never attempted before was creating my own BurpSuite Scanner plugin. Because modern applications are increasingly difficult to exhaustively test for certain types of issues, I...
computer icon

Building a “Quick” Lab Environment with Linux Containers

As a penetration tester, I often need to stand up small environments (and sometimes not so small) for a few different reasons—to try things out before making a mess of a client’s production system, to avoid being detected, or to use it simply for our own practice. A lot of us at TrustedSec are remote,...
TrustedSec Blogs + Articles logo

Ruby ERB Template Injection

Written by Scott White & Geoff Walton Templates are commonly used both client and server-side for many of today’s web applications.  Many template engines are available in several different programming languages.  Some examples are Smarty, Mako, Jinja2, Jade, Velocity, Freemaker, and Twig.  Template injection is a type of injection attack that can have some particularly...
View all posts from Geoff

Recent Webinars

Seeing the Entire Software Security Picture

During this practical webinar, the TrustedSec Software Security Team will provide a basic introduction to modern software security and give tips to help get the most out of your organization’s next security assessment. We’ll examine how the practice of software...
View all webinars from Geoff

Recent Podcasts

TrustedSec Security Podcasts

Taken your Pulse Lately?

August 12, 2020

Happy Fourth!

August 12, 2020
Geoff Walton

Want to work with Geoff Walton or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us