Senior Incident Response Consultant
Nick has a background in providing Digital Forensics and Incident Response services to under-served and under-equipped organizations, specifically state and local governments, as part of a not-for-profit. This experience ranges from malware analysis to penetration testing, and everything in between. Nick also has experience performing forensic analysis in a law enforcement context, including testifying as a fact witness in court.
Education & Certifications
B.S. Cybersecurity & Information Assurance, Minor in Computer Science
GIAC Reverse Engineering Malware (GREM)
GIAC Defending Advanced Threats (GDAT)
GIAC Certified Forensic Examiner (GCFE)
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
GIAC Web App Penetration Tester (GWAPT)
Passion for Security
Nick’s passion for security is driven by curiosity and a desire to beat the bad guys. He enjoys diving deep into technical concepts to reveal and master the unknown and leveraging this knowledge to help organizations in need. Nick often spends his personal time writing code, testing open source solutions, and brushing up on forgotten skills.
Recent Blog Posts
Overview: This blog post will provide an overview of common log sources in Azure and AWS, along with associated storage and analysis options. At a high level, cloud-based incidents can be categorized into host-based compromises (that is, compromises primarily involving virtual machines hosted in the cloud) and identity-based or resource-based compromises (compromises primarily involving cloud-native...
A tabletop exercise (TTX) measures more than an organization’s technical capabilities and adherence to an incident response plan—it facilitates the confluence of personalities and team cultures, in turn revealing friction not only in processes but also in team dynamics. The success of an organization’s response in both a TTX scenario and, more importantly, a real-world...
TrustedSec’s Incident Response Team sent urgent communications to all IR retainer clients after the discovery of the compromise of Okta. Below are the recommendations provided with additional updates after reviewing more information on 03/23/2022. On March 22, 2022, the threat group LAPSUS$ announced a successful compromise of Okta, a heavily used identity and access management...
Recorded on Tuesday, March 15th, 2022 at 1pm Eastern. On February 27, 2022, a cache of chat logs from the notorious ransomware group Conti was anonymously leaked to the public. The leak revealed previously unpublished information about the group’s internal...