Senior Incident Response Consultant
Nick has a background in providing Digital Forensics and Incident Response services to under-served and under-equipped organizations, specifically state and local governments, as part of a not-for-profit. This experience spans from malware analysis to penetration testing, and everything in between. Nick also has experience performing forensic analysis in a law enforcement context, including testifying as a fact-witness in court.
Education & Certifications
B.S. Cybersecurity & Information Assurance, Minor in Computer Science
GIAC Reverse Engineering Malware (GREM)
GIAC Defending Advanced Threats (GDAT)
GIAC Certified Forensic Examiner (GCFE)
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
GIAC Web App Penetration Tester (GWAPT)
Passion for Security
Nick’s passion for security is driven by curiosity and a desire to beat the bad guys. He enjoys diving deep into technical concepts to reveal and master the unknown and leveraging this knowledge to help organizations in need. Nick often spends his personal time writing code, testing open source solutions, and brushing up on forgotten skills.
Recent Blog Posts
TrustedSec’s Incident Response Team sent urgent communications to all IR retainer clients after the discovery of the compromise of Okta. Below are the recommendations provided with additional updates after reviewing more information on 03/23/2022. On March 22, 2022, the threat group LAPSUS$ announced a successful compromise of Okta, a heavily used identity and access management...
Every day, new challenges, attacks, and vulnerabilities are publicized. Just as attackers and the threat landscape are constantly changing, adapting, and evolving, so too must the Blue Teams and defenders who protect organizations against these threats. While the old adage may have been that attacks are rare and unlikely to happen, a new mentality of...
Nearly three weeks after news regarding the widespread compromise of SolarWinds Orion customers became public, TrustedSec continues to receive inquiries from clients seeking more granular detail about the nature of the compromise. In most cases, clients have received a list of command and control (C2) domains from a major vendor and require assistance in investigating...
Recorded on Tuesday, March 15th, 2022 at 1pm Eastern On February 27, 2022, a cache of chat logs from the notorious ransomware group Conti was anonymously leaked to the public. The leak revealed previously unpublished information about the group’s internal...