Steve Maxwell

Senior Security Consultant

Experience

Steve has over 18 years of experience, ranging from software development, software quality, performance engineering, information security, and internal audit. Before TrustedSec, Steve performed a number of functions supporting security initiatives within the retail and healthcare industries. He has presented to and trained hundreds on automation, performance engineering, and attack mitigation techniques.

Education & Certifications

CISSP; QSA; received his BS from the University of Utah.

Passion for Security

Steve’s passion for security has grown out of a technical background in optimizing enterprise stability, which naturally led to work for stability through security. He enjoys presenting the value of security to both technical and executive staff.

Recent Blog Posts

6 crucial network segmentation actions graphic

Six Crucial Network Segmentation Actions

By Steve Maxwell
In Program Assessment & Compliance, Security Program Management
We are constantly barraged with new technologies and techniques for securing the enterprise. Every new thing we are told is crucially important, and if you don’t master all of it now, you are the next breach headline. It is intimidating to say the least. It is easy to look past the basics of securing the...
Read
chip security graphic

Don’t Delay, Migrate Today (Away from SSL/Early TLS)

By Steve Maxwell
In Application Security Assessment, Penetration Testing, Security Testing & Analysis
For those tempted to delay migration away from Secure Sockets Layer (SSL)/early Transport Layer Security (TLS)—don’t wait! This includes all versions of SSL and version 1.0 of TLS (TLS v1.1 and newer are fine). For Payment Card Industry Data Security Standard (PCI-DSS) compliance, you can’t simply migrate sometime before your next PCI audit. Rather, you...
Read
PCI update graphic

PCI v3.2.1 is here!

By Steve Maxwell
In PCI Assessment, Program Assessment & Compliance
Version 3.2.1 of the PCI DSS was just released by the PCI Security Standards Council (PCI-SSC). As a minor version, it primarily included clarification updates and one correction to a requirement reference. Most of the changes center around the removal of the January 31st date, which expired this year. Appendix A2.1-A2.3 was updated to focus...
Read
View all posts from Steve

Recent Webinars

Network Segmentation for the Rest of Us! How to get your segmentation project moving toward zero trust.

Recorded July 24, 2019 at 1:00 P.M. EST The idea of segmenting your network is not new. However, even in 2019, we still see companies with flat networks ripe for attack. This provides a much greater opportunity for malicious actions...
Watch
View all webinars from Steve

Recent Podcasts

TrustedSec Security Podcasts

Let Us Diagnose Your Information Security Failings

November 11, 2019

(For Workgroups) Ghidra, Citrix and Beto Oh My!

November 11, 2019
Steve Maxwell

Want to work with Steve Maxwell or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us