CTO and Director of Innovation, Research, & Advanced Testing
Justin Elze is a Principal Security Consultant with TrustedSec’s Force practice with over ten years of experience in the Information Technology industry. His areas of specialty are in enterprise penetration testing, network security, social engineering, red teaming. Prior to joining TrustedSec Justin was a senior penetration tester for Accuvant LABs, Dell SecureWorks and Redspin where he leads numerous red team engagements, penetration tests, and HIPAA risk assessments. Justin has worked in various industries including Internet Service Providers, hosting, DoD contracting, and services consulting companies. Justin has a broad range of experience in information technology implementation and solutions. The diverse environments and a broad range of technology solutions have given Justin a wide variety of skills and experience that applies to his current role.
Education & Certifications
Offensive Security Certified Professional (OSCP) Certified Ethical Hacker (CEH) Mile2 Certified Penetration Testing Engineer (CPTE) Citrix Certified Administrator (CCA) Apple Certified Support Professional (ACSP)
Buffalo InfraGard Member Buffalo ISSA Member Guest lecturer/Advisor for the University of Buffalo’s Net Defense program
Passion for Security
Justin’s passion for security originated with network security and now includes a wide variety of other topics including the internet of things, automobile hacking, and malware reverse engineering. Justin regular looks for new techniques and tactics to help emulate real-world threats as well as researching new methods to bypass security controls.
Recent Blog Posts
Traditional pentesting is evolving as many companies are rapidly maturing their information security programs. Additionally, improvements in operating system hardening, endpoint protection agents, and security appliances are raising the bar for successful compromise and lateral movement. If you talk with pentesters across the industry, you will hear more and more positive stories about client security...
Welcome to 2018! It’s only been a few days into the new year and we already have newly named bugs, thanks to the Google Project Zero, Cyberus Technology, and the Graz University of Technology. Jann Horn, Werner Haas, Thomas Prescher, Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz, Paul Kocher, Daniel Genkin, Mike Hamburg, Moritz...
UPDATE: When posting this blog, we had not done the most recent patches for patch Tuesday (in March). This SMB flaw apparently was fixed on Tuesday with MS17-010. When we did our testing, we were out of the patch cycle for March. Clarified the blog post with the update and link to Microsoft below. Link...
With attacks getting harder to spot and ransomware taking center stage, learn from security trailblazers, including our own CTO Justin Elze, on how they leverage AI and human-centric strategies to prevent breaches at their organizations. Spear phishing attacks are surging,...
Recorded on October 21st, 2020 Understanding the real-world effectiveness of your security controls is a crucial element in constructing a robust security posture. Red Team engagements (or “Adversarial Attack Simulations” as they’re known at TrustedSec) are extended, goal-oriented engagements using...