Report A Breach
1-877-550-4728
Justin Vaicaro
Principal Incident Response Consultant
Experience
Justin has 12 years combined military experience serving in both the Marine Corps and Air Force. He has 20 years of experience within the Information Technology industry, with the last 10+ years solely focused on security engineering. Justin has worked in various industries, including Internet Service Provider, eCommerce, Pharmaceutical, Automotive, and Aviation. He has held various roles throughout his career, but his technical strength is derived from his vast network engineering experience. His security knowledge is diverse, but his current focus is on Security Architecture and Design, Incident Response, Malware Reversing, Threat Hunting, Threat Intelligence, and Security Operations. He also does a significant amount of research around trending offensive techniques, tactics, and procedures in order to strengthen his defensive mindset.
Education & Certifications
BA, Computer Information Systems & Business Administration (Florida Institute of Technology) CISSP (Certified Information System Security Professional) CISM (Certified Information Security Manager) GCFA (GIAC Certified Forensic Analyst) CREA (Certified Reverse Engineering Analyst) OWSP (Offensive Wireless Security Professional)
Professional Affiliations
ISC2 (Orange County, CA Chapter), ISACA (Orange County, CA Chapter), ISSA (Orange County, CA Chapter), LETHAL (Orange County Hacker Meetup Group)
Industry Contributions
Justin has a patent issued for his specialized work around aircraft in-flight-entertainment data security monitoring methodologies and techniques: Methods and Systems for Monitoring Computing Devices on a Vehicle: US Patent No. US9813911B2
Passion for Security
Justin’s passion for security started early in his network engineering career with his exposure to wireless security. His overall passion for security is what consistently pushes him outside of his comfort zone, to keep learning, and to continually work on specializing in new areas within the security industry. Surrounding himself with extremely smart people keeps him grounded and humble. His favorite part about being a security professional is the consistent and constant drive to face new challenges. “The learning stops when the passion fades!”
Recent Blog Posts
SMS Phish – An Incident Walkthrough
Opener The goal of this blog post is to provide an approach to analyzing a text-based phish link. I will primarily focus on the initial steps to properly view the phish site from a non-mobile browser, provide OPSEC setup and browsing analysis recommendations, and conclude with defense measures to protect against such attacks. Analysis Background...
Read
Adventures in Phishing Email Analysis
Opening Phishing attacks are a daily threat to all organizations and unfortunately, they are one of the hardest threats to protect against. No matter how many defensive layers an organization has put in place following best practice defense-in-depth design, it only takes one (1) user to click on that malicious link or open that weaponized...
Read
Breaking Into InfoSec – A Beginners Guide (Part 2)
Opening In part one of this blog post series, we covered some personal backstory of my journey into InfoSec, went over putting a plan together for your next InfoSec mission, recommended some InfoSec immersion ideas, and provided some guidance around seeking out a mentor. If you haven’t had a chance to read the first part...
Read
Recent Webinars
Continuous Threat Hunting: A Practical Webinar
This webinar was recorded on August 19, 2020 and was presented with Binary Defense. Threat hunting is a vital but often misunderstood practice for organizations and security teams. In order to be successful, a threat hunting program must be proactive, continually tuned, and...
