David McGuire

David McGuire is the vice president of Veris Group’s Adaptive Threat Division, where he provides strategic direction on penetration testing and red team operations for Fortune 500 clients and major U.S. government agencies. David has extensive experience in conducting large scale, highly specialized adversarial network operations. In addition, he has spent several years training participants from various disciplines in red team operations and penetration testing methodologies, including at major industry conferences such as Black Hat. In his previous life, David was the senior technical lead for the National Security Agency Red Team, providing mission planning and direction through numerous large scale operations. He has a Bachelor’s degree in Computer Information Technology, and is a CREST Certified Infrastructure Tester, GIAC Certified Penetration Tester, GIAC Certified Web Application Penetration Tester, and an Offensive Security Certified Professional (OSCP).

Jason Frank

Jason Frank is the director of Veris Group’s Adaptive Threat Division, where he oversees penetration testing efforts for various government agencies, including the Department of Homeland Security (DHS), Department of Treasury, and multiple Fortune 500 clients. Jason specializes in leading penetration testing programs, while developing and maturing client’s internal assessment efforts. In addition, Jason has several years of experience training participants in testing methodologies, including at major industry conferences such as Black Hat. He has developed and led multiple disparate assessment penetration testing teams, both within Veris Group and for clients. Jason holds a Bachelor of Science in Information Science and Technology. He is an Offensive Security Certified Professional (OSCP), GIAC Certified Penetration Tester, and GIAC Certified Web Application Penetration Tester.

Matt Maley

Matt Maley is a team lead with Veris Group’s Adaptive Threat Division, where he leads penetration tests, technical security assessments, and secure engineering efforts for several U.S. government agencies and commercial clients. He specializes in conducting web application, cloud platform and mobile device penetration tests, and in-depth technical vulnerability assessments. In addition, Matt assists customers with the development of secure engineering guidance for emerging mobile technologies, remote access, and communications solutions. Matt holds a Bachelor’s degree in Information Sciences and Technology with a minor in Security and Risk Analysis. He is an Offensive Security Certified Professional (OSCP) and a GIAC Certified Web Application Penetration Tester.

Will Schroeder

Will Schroeder is a research lead for Veris Group’s Adaptive Threat Division, where he performs a variety of offensive services, including penetration testing and red team engagements for federal agencies and private sector companies. His expertise includes anti-virus evasion, threat replication, post-exploitation, Cortana attack scripting, and offensive PowerShell development. Will is a developer of the Veil-Framework, and has presented at a variety of security conferences including ShmooCon, DefCon, and several Security BSides conferences. He has a strong computer science and security background, having worked at two of the leading cybersecurity research labs in the country, Sandia National Labs and SEI/CERT. Will holds a Master’s degree in Information Security from Carnegie Mellon University. He is an Offensive Security Certified Professional (OSCP), and an Offensive Security Certified Expert (OSCE).

Justin Warner

Justin Warner is the red team operations capability lead for Veris Group’s Adaptive Threat Division, where he leads red team operations for Fortune 500 clients and U.S. government agencies. Justin drives red team operations capability development through tools, techniques and training, both internally and for external red teams. He specializes in advanced adversarial tradecraft, reverse engineering, post-exploitation intelligence gathering, and offensive PowerShell development. Justin is a developer of several open source security tools including PowerPick and PowerBreach. Previously, Justin was an Air Force Cyber Operations Officer assigned to the intelligence community. He holds a Bachelor’s degree in Computer Science from the United States Air Force Academy.

Alex Norman

Alex Norman is a penetration tester for Veris Group’s Adaptive Threat Division, and has over ten years of experience in the fields of information security and system development. Alex performs assessment services for an array of commercial and government clients, and his expertise includes network, web application, and cloud system penetration testing as well as security control assessment and vulnerability analysis. He actively participates in the public security community, volunteering on community projects like the Open Web Application Security Project (OWASP), and helping to manage security conferences, such as Security BSidesDC. Alex holds a Master of Science in Security Informatics, and is an Offensive Security Certified Professional (OSCP).

Jonathan Yates

Jonathan Yates is a team lead with Veris Group’s Adaptive Threat Division, where he is responsible for leading penetration tests for both government and Fortune 500 commercial clients. John is experienced in conducting network-based and web application penetration tests, as well as longer-term red team engagements focusing on advanced threat emulation. In addition, he engages in vulnerability research and exploit development. John holds a Bachelor’s degree in Business Administration, and is an Offensive Security Certified Expert (OSCE).

Steve Borosh

Steve Borosh is a penetration tester for Veris Group’s Adaptive Threat Division. As a prior U.S. Army service member and security contractor, he is experienced in assessing both physical and network security. Steve’s current duties include network and web application penetration testing. He also actively contributes to coding projects and participates in security research/bug bounty programs. Steve has a B.S. in Network Security from ECPI University, and holds the Offensive Security Certified Professional (OSCP) certification.

Rohan Vazarkar

Rohan Vazarkar is a penetration tester for Veris Group’s Adaptive Threat Division. Rohan performs assessments for both commercial and government clients, including both network and web application penetration testing. Rohan has a Bachelor’s degree in Computer Science with a focus in Security, and holds the Offensive Security Certified Professional (OSCP) certification.

Jared Atkinson

Jared Atkinson is the hunt capability lead with Veris Group’s Adaptive Threat Division and is an Adjunct Lecturer in Utica College’s M.S. in Cybersecurity program. Before working for Veris Group, Jared spent 4 years leading incident response missions for the U.S. Air Force Hunt Team, detecting and removing Advanced Persistent Threats on Air Force and DoD networks. Passionate about PowerShell and the Open Source community, Jared is the lead developer of the PowerForensics project, an open source forensics framework for PowerShell, and maintains a DFIR focused blog.

Brian Reitz

Brian Reitz is a penetration tester for Veris Group’s Adaptive Threat Division. Brian is experienced in vulnerability assessment, network security, and web application security, and has performed assessments for commercial and government clients, including the Department of Homeland Security and the intelligence community. Brian has a B.S. in Information Sciences and Technology from Penn State University.

Doyle Fecher

Doyle Fecher is a penetration tester for Veris Group’s Adaptive Threat Division. His technical experience within information technology includes physical security, cybersecurity, and location-based mobile device security. His current duties include performing web application, network, and cloud system vulnerability assessments and penetration tests for both commercial and government clients. He is an advocate and volunteer for ISC2’s Safe and Secure Online Program. Doyle is an Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) and Certified Information Systems Security Professional (CISSP).