Leo Bastidas
Senior Incident Response Consultant
Experience
Leo has 15 years of combined incident response experience from the military and the private sector. The majority of his experience comes from the DoD, but he has been in the private sector for the last few years.
Education & Certifications
GPEN – GIAC Penetration Tester
GLEG – GIAC Law of Data Security & Investigations
GCIH – GIAC Certified Incident Handler
Passion for Security
Leo was taught from a young age that if you can defend someone less fortunate, it is your duty to do so. That lesson carried him into the military and incident response. After transitioning out of the military, Leo fell in love with open-source and free software as a way to help defend, train, and advise those who otherwise could not spend the money to have basic security. Leo started hanging out with like-minded individuals and helped coordinate and run an open-source blue team CTF.
Recent Blog Posts
On March 29, 2022, a security researcher with the handle p1n93r disclosed a Spring Framework remote code execution (RCE) vulnerability, which was archived by vx-underground. This vulnerability, known as Spring4Shell, affects applications that use JDK v9 or above that run Apache Tomcat as the Servlet Container in a WAR package and use dependencies of the...
TrustedSec’s Incident Response Team sent urgent communications to all IR retainer clients after the discovery of the compromise of Okta. Below are the recommendations provided with additional updates after reviewing more information on 03/23/2022. On March 22, 2022, the threat group LAPSUS$ announced a successful compromise of Okta, a heavily used identity and access management...
Every day, new challenges, attacks, and vulnerabilities are publicized. Just as attackers and the threat landscape are constantly changing, adapting, and evolving, so too must the Blue Teams and defenders who protect organizations against these threats. While the old adage may have been that attacks are rare and unlikely to happen, a new mentality of...
Recent Webinars
Threat Hunting is the process of proactively searching an organization’s network for malicious activity that evades existing security monitoring, detection, and alerting. If done properly, Threat Hunting can be one of the most effective ways to identify evidence of malicious...