Practice Lead, Incident Response
Tyler has over 20 years of real-world experience in incident handling, malware analysis, computer forensics, and information security for multiple organizations. He has spoken and taught at a number of security conferences about topics ranging from incident response to penetration testing techniques.
Education & Certifications
BS Computer Science, University of Akron, GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE)
MASTIFF Static Analysis Framework
Passion for Security
Tyler’s passion for incident response stems from his love of solving puzzles. He uses this ambition to get to the bottom of issues at hand; whether it’s forensic analysis of a disk, reverse engineering or malware, or the latest CTF contest, Tyler is driven to uncover every detail.
Recent Blog Posts
The Citrix NetScaler remote code execution vulnerability (CVE-2019-19781) has been a pretty popular topic over the last few weeks. Once public exploits of the vulnerability started to appear in the wild, TrustedSec deployed a Citrix NetScaler honeypot. We did not have to wait long for the attacks to begin. Less than 24 hours after deployment,...
With the recent Citrix ADC (NetScaler) CVE-2019-19781 Remote Code Execution vulnerability, the TrustedSec Incident Response team has been working closely with our offensive and research teams as they created a working exploit. This has allowed us to create a list of locations and indicators to search for on potentially compromised Citrix ADC hosts. Based on...
So far in this series, we have looked at what ransomware is, what it does after it has compromised a system, and what organizations can do to detect and prevent ransomware. (Catch up with Part 1 & Part 2 before continuing!) However, that is only half the story. Organizations need to assume that they will...
Register Now No one likes surprises, especially of the security kind. We’d all like to know what the future holds. A lot of research organizations are putting out predictions for security that are all over the map. Some are possible...
Recorded March 27, 2019 at 1 P.M. EST Practice? We’re talking about practice?! Cyber attacks are an organizational concern. In order to build an effective security program, it’s impossible to rely on “best practice” policies without testing and vetting them...