CTO, Director of Research
Justin Elze is a Principal Security Consultant with TrustedSec’s Force practice with over ten years of experience in the Information Technology industry. His areas of specialty are in enterprise penetration testing, network security, social engineering, red teaming. Prior to joining TrustedSec Justin was a senior penetration tester for Accuvant LABs, Dell SecureWorks and Redspin where he leads numerous red team engagements, penetration tests, and HIPAA risk assessments. Justin has worked in various industries including Internet Service Providers, hosting, DoD contracting, and services consulting companies. Justin has a broad range of experience in information technology implementation and solutions. The diverse environments and a broad range of technology solutions have given Justin a wide variety of skills and experience that applies to his current role.
Education & Certifications
- Offensive Security Certified Professional (OSCP)
- Certified Ethical Hacker (CEH)
- Mile2 Certified Penetration Testing Engineer (CPTE)
- Citrix Certified Administrator (CCA)
- Apple Certified Support Professional (ACSP)
Buffalo InfraGard Member Buffalo ISSA Member Guest lecturer/Advisor for the University of Buffalo’s Net Defense program
Passion for Security
Justin’s passion for security originated with network security and now includes a wide variety of other topics including the internet of things, automobile hacking, and malware reverse engineering. Justin regular looks for new techniques and tactics to help emulate real-world threats as well as researching new methods to bypass security controls.
Recent Blog Posts
Threat Overview Earlier this week, Microsoft released a patch for Outlook vulnerability CVE-2023-23397, which has been actively exploited for almost an entire year. This exploit has caught the attention of a hacking group linked to Russian military intelligence that is using it to target European organizations. CVE-2023-23397 allows threat actors to steal NTLM credentials of...
One of the more common questions we receive during a red team scoping call or RFP Q&A call is, how many dedicated consultants will be involved in the assessment? There is no “correct” answer to this question, and ultimately, the answer as to how red team engagements are staffed comes down to how the consultancy...
Traditional pentesting is evolving as many companies are rapidly maturing their information security programs. Additionally, improvements in operating system hardening, endpoint protection agents, and security appliances are raising the bar for successful compromise and lateral movement. If you talk with pentesters across the industry, you will hear more and more positive stories about client security...
Join David Kennedy, Founder & Chief Hacking Officer, and Justin Elze, CTO & Director of Research, for a live webinar in which they’ll answer your questions about penetration testing. Building off the Who’s Winning the Red vs. Blue Team Arms...
Presented by TrustedSec & Binary Defense on December 14, 2021. During this live webcast we are covering the latest news and guidance on the Log4j vulnerability and what organizations can do to detect and respond to it. We will discuss...
With attacks getting harder to spot and ransomware taking center stage, learn from security trailblazers, including our own CTO Justin Elze, on how they leverage AI and human-centric strategies to prevent breaches at their organizations. Spear phishing attacks are surging,...