March 05, 2024

Justin Elze: A CTO's Offensive Security Insights

37 minutes

About the Guest:

Justin Elze is the CTO of TrustedSec, a highly acclaimed cybersecurity company. With over 14 years of industry experience, Justin is an expert in the field of offensive security, especially in the domain of red teaming and penetration testing. His extensive knowledge extends over several facets of cybersecurity, from system engineering to research. At TrustedSec, he also oversees the red team and research team, showcasing a driven career that advanced from hands-on technical roles to strategic leadership.

Episode Summary:

In this insightful episode of the cybersecurity-focused podcast, we have the pleasure of welcoming Justin Elze, the Chief Technology Officer of TrustedSec. The conversation dives deep into the world of offensive security, balancing technical expertise with leadership, and the evolution of penetration testing and red teaming in the dynamic cybersecurity landscape.

The episode kicks off with host Phillip Wylie introducing Justin Elze and acknowledging his substantial experience in cybersecurity and defensive security. As they delve into the discussion, Justin shares his origin story, detailing his journey from IRC beginnings and computer repair to ascending the ranks in the cybersecurity realm. The conversation steers towards various career tips for aspiring cybersecurity professionals, touching upon certifications, the art of interviewing, and the importance of having a diverse skill set. Also discussed are current trends and future directions in offensive security, such as assume breach assessments, red team specialization, and purple team operations.

Key Takeaways:

Experience in IT prior to entering offensive security is invaluable for understanding business processes and applying cybersecurity measures effectively.

For those looking to break into cybersecurity, certifications such as OSCP and specialized courses can offer a significant edge.

Purple team operations are pivotal for organizations to develop robust defenses and improve upon the insights gained from offensive security assessments.

Cultural shifts, such as the move towards more assume breach assessments, indicate the evolving strategies in red teaming and cybersecurity testing.

Although specializations can be advantageous, they should be balanced with broader skills to remain adaptable in the swiftly changing cybersecurity landscape.

Notable Quotes:

"Once you get to a certain point of doing this, you really just need to focus on, hey, I found a really good class on AWS, found a really good class on enumeration."

"You kind of need to look at where you are today, where things you think will be in five years."

"The report is really what you're going to digest… Making sure that they [cybersecurity firms] are there to kind of support you after you have the report to digest it at different levels that you need."

Resources:

https://twitter.com/HackingLZ

https://www.linkedin.com/in/justinelze/

TrustedSec website: trustedsec.com

...more

View all episodes

By Phillip Wylie

4.9

1717 ratings