InGuardians Team

“So, people hire you to break into their places to make sure no one can break into their places?” - Sneakers 1992

InGuardians, Inc. is an independent information security consulting company providing high-value services.  Our specialties include Red Team Penetration Testing, Hardware, Application Security Assessments, Threat Hunting, Security Architecture Reviews, ICS Red Team Penetration Testing, Hardware, Application Security Assessments, Security Architecture Reviews, ICS and IIoT Security,  Kubernetes and Public Cloud Security, Threat Hunting, Incident Response, Custom Training and more.

 

InGuardians strives to assemble the best and the brightest minds in information security.  Our aim is to channel the collective talents of our team in providing actionable business-focused information security consulting.

Established in 2003 by industry veterans, InGuardians brings technical experience and business acumen to your projects. Our information security professionals have authored tools, books, testing frameworks, and training programs.

Jimmy Alderson

Jimmy Alderson

Chief Executive Officer

Super Power: Rainmaker

Read More

 Jimmy Alderson is a web application and data correlation expert. Jimmy conducts network architecture reviews and security audits. He is an author of the Syngress best seller Nessus Network Auditing. Jimmy joins InGuardians after working for ISS, Meta Security Group, and ESecurity Inc. Jimmy: “Been with InGuardians since inception. I’m the CEO, so I talk to a lot of technical champions inside numerous organizations. Occasionally I get up to shop myself. I work with Jay, who does Operations, and spend a lot of my time on the phone.”

Jay Beale

Jay Beale

Chief Operating Officer, CTO and Principal Security Consultant

Super Power: Command line Kung Fu

Read More

Jay Beale is Chief Operating Officer and a Principal Security Analyst for InGuardians. He is known for his work on mitigation technology, specifically in the form of operating system and application hardening. He’s written two of the most popular tools in this space which are used worldwide throughout government and private industry: Bastille Linux, a lockdown tool that introduced a vital security-training component, and the Center for Internet Security’s Unix Scoring Tool. Through Bastille and his work with the Center, Jay has provided leadership in the Linux system hardening space, participating in efforts to set, audit, and implement standards for Linux/Unix security within industry and government. Jay has served as an invited speaker at a variety of conferences worldwide as well as government symposia. He’s written for Information Security Magazine, SecurityFocus, and the now-defunct SecurityPortal.com. He has worked on six books in the Information Security space, including those in his Open Source Security Series, which includes an international bestseller on the Snort intrusion detection system. Jay is a member of the Honeynet Project, the OVAL Board, and the Cyber Security Policy and Research Institute at George Washington University. As a consultant, Jay focuses on the broad space of security assessments, including penetration tests, security architecture reviews and system audits. Prior to consulting, Jay served as the Security Team Director for MandrakeSoft, helping set company strategy, design security products, and pushing security into the third largest retail Linux distribution. Jay is particularly proud of his start in the security space, where he served a security role at University of Maryland University College.
Mike Poor

Mike Poor

President, Managing Partner

Super Power: I see dead packets

Read More

Mike Poor, as one of the original founders, has been with InGuardians since its inception in 2003. As President, he primarily guides the vision of the company and acts as an insightful consigliere when the chips are down. As a Senior Security Analyst, he conducts large scale breach analysis for clients, tests new technology, and brings a thoughtful attack plan to any information security issue or incident. Mike has supported Intrusion Detection and Incident Response teams for the military, worked for Sourcefire as a research engineer, and served the SANS Institute by leading their Intrusion Analysis Team. He has also been leading and teaching the Intrusion Detection Track at the SANS Institute since 2001, is the author and editor of the international bestseller Snort 2.1, a technical book from Syngress, and acts as a Handler for the Internet Storm Center. Aside from his powerful security intelligence and overwhelming charisma, the team finds that his most useful superpower is his uncanny ability to get into any restaurant. The rest of the time, he enjoys fly fishing, mushroom hunting, sailing, and playing ukuleles.

Bob Hillery

Bob Hillery

Chief Research Officer

Super Power: Asking the unasked questions and getting out of the way

Read More

Bob Hillery is an experienced consultant in Information Systems Security Management. He is a founder and Chief Research Officer with InGuardians, Inc. and has an extensive background in computer networks gained through the Navy and R&D labs. Bob has worked in National Institute of Justice projects and been a Senior researcher with the Institute for Security Technology Studies at Dartmouth College. He served as the Vice President of Academic Affairs & Chair of Information Systems Department for NH Community Technical College, and currently teaches National Security and Cyber-terrorism research courses at the Henry C. Lee College of Forensic Sciences at the University of New Haven. He has significant experience with both the management side and technical issues of security incident handling from his consulting practice. Bob’s professional certifications and affiliations include CISSP, GIAC, MCSE, ISSA and HTCIA.
.

Larry Pesce

Larry Pesce

Senior Managing Consultant & Director of Research

Super Power: The ability to consume unfathomable amounts of coffee and still get a good night sleep. 

Read More

Larry Pesce graduated with a Bachelor of Computer Information Systems in 2006, and has worked professionally as Senior Managing Security Analyst with InGuardians since 2013 and as the Director of Research since 2015. His history with hardware hacking began with the family TV when he was a kid, rebuilding it after it caught on fire. Both times. Later, as a web developer for a university in the early days of the Internet, he managed some of the first Layer 3 switched networks in the world. His core specialities include hardware and wireless hacking, architectural review, and traditional pentesting, often in the financial, energy and healthcare sectors. On the managerial side, he makes sure all the wheels are still on the ground, going over reports, and leading up research efforts, concentrating especially on IoT. He also regularly gives talks at DEF CON, ShmooCon, DerbyCon, and various BSides. Larry holds the GAWN, GCISP, GCIH, GCFA, and ITIL certifications, and has been a certified instructor with SANS for 5 years, where he trains the industry in advanced wireless and Industrial Control Systems (ICS) hacking. He’s also the co-author of multiple papers and books, including Linksys WRT54G Ultimate Hacking, Using Wireshark and Ethereal, and How to Cheat at Configuring Open Source Security Tools; and the technical editor of Wireless Reconnaissance for Penetration Testing, and The Blue Team Handbook: Incident Response Edition. In 2006, he co-founded the multiple international award-winning security podcast, “Paul’s Security Weekly”, which he continues to co-host. Alongside inspiring 150,000 downloads a month, Larry’s independent research for the show has led to interviews with the New York Times with MythBusters’ Adam Savage, hacking internet-connected marital aids on stage at DEFCON, and having his RFID implant cloned on stage at Shmoocon. When not hard at work, Larry enjoys long walks on the beach weighed down by his ham radio, (DE KB1TNF), and thinking of ways to survive the impending zombie apocalypse.

Teresa Pergram

Teresa Pergram

Manager, Finance and Human Resources.

Super Power: Making It Rain

Read More

 Teresa Pergram is responsible for the day to day operation of the finance department, where she works closely with both the CFO & COO .  Her current role also includes Project Management.  Her experience includes 15 years in billing along with working with our Security Agents and Management on many different projects.  Her passion for efficiency and numbers makes her a great fit in both areas. She has a range of key responsibilities from accounting to managing projects, making her an all around contributor and a highly skilled multitasker. These along with her skill of managing client expectations makes her a valuable asset to the InGuardians team in both roles she currently holds.
 

Jaime Thornton

Jaime Thornton

Director of Sales

Super Power: Multi-tasking at the speed of light

Read More

Jaime began her journey with InGuardians in 2011 as a Sales Associate, and is presently the Director of Sales. Jaime spends her days working closely with multiple clients from a variety of industries around the world, overseeing each step of the InGuardians’ sales process. Jaime’s greatest strengths are her creativity, her exceptional writing skills, and her unique ability to skillfully listen and interpret information in order to assist clients with meeting their security assessment needs. Jaime received her BA from Wells College, and her MA from UAB. In addition to her unhealthy obsession with Monchhichis, Jaime has two unwavering convictions: 1) There’s nothing like a good penetration test. 2) David Bowie will always rock!
James Thornton

James Thornton

Sales Associate

Super Power: Legal Document Whisperer

Read More

A die hard Crimson Tide fan, James has been with the InGuardians Team for over four years. He assists with sales, including preparing legal documents and responding to RFPs. After hours he likes to unplug and enjoy time with his family.

Jarrod Frates

Jarrod Frates

Senior Security Analyst

Super Power: Flight and obscure facts

.

Read More

Jarrod Frates has more than a decade of formal security experience, performing in both attack and defensive roles, and has worked as a Senior Security Analyst with InGuardians since 2015. Prior to that, he worked through all levels, from end-user to help desk to sysadmin to building security teams and network operations centers for large corporate enterprises. In the late 1990s, he first saw a demonstration for a remote exploit—gaining shell over FTP—and was hooked. From then on, he incorporated security into his work, encouraging (and sometimes dragging) colleagues and even managers to do the same. In 2004, he got his first formal security job, helping to build a SOC in a county government environment and eventually handling firewalls, IDS, VPNs, incident handling, and just about everything else on the defensive side of the security realm. His first penetration testing job arrived in 2012, and since then he has been bettering his capabilities while also improving the final reports delivered to clients. Jarrod holds the GCIH, GPEN, and GXPN certifications, and is qualified as a SANS Mentor for SEC504 and SEC560, where he led several classes over the last seven years. It’s also not uncommon to find him speaking at various conferences and local functions in the Dallas Fort-Worth area, where he lives. Outside of InGuardians, Jarrod is also the Chief Technology Officer for TheLab.ms, a North Dallas-based makerspace/hackerspace providing free education for technology DIYers. He holds a private pilot’s license and doesn’t get nearly as much time in the air as he would like.

Rob CurtinSeufert

Rob CurtinSeufert

Senior Security Consultant

Super Power: RF armored PJ’s

Read More

Rob CurtinSeufert has spent years in and out of Bank and Credit Union networks. Rob has conducted network, wireless, and web application penetration tests against organizations ranging from 25 million to 10 billion in assets. He also works in incident response and social engineering, both on and off site. He once took over a county from his couch while still wearing his pajamas

Dan Weiss

Dan Weiss

Senior Managing Consultant

Super Power:  The Man With The Plan

Read More

Dan has officially been in the IT industry since 1995, although the DEC Rainbow in his childhood home might argue that the unofficial starting date is closer to 1984. Dan’s undergraduate degree in Creative Writing with a sub-specialty in Pre-Norman Conquest Anglo-Saxon Literature (Underwater Basket Weaving was full) amply prepared him for the start of his career as a COBOL and JCL developer. Dan then moved to web development in the very early days of the internet. His clients spanned a number of industries, including Telecommunications, Shipping, Financial Services and Travel. Dan anticipated the .com explosion and returned to school, where he received his MBA in 2003. Armed with a new suite of skills, Dan took on the role of senior-most IT executive at MedVance Institutes, a chain of medical-only vocational schools. After the sale of the company, Dan founded a consulting company specializing in audit support, custom reporting services and business-centric security offerings, which he ran until joining the InGuardians team. At InGuardians, Dan is responsible for ensuring that the teams are running smoothly, that the clients are getting useful information and that everything is following The Plan. Dan currently holds, or has held, numerous certifications from GIAC, including GSEC, GCIA, GCFA and GWAPT. Dan is currently a member of both the GIAC Advisory Board and Mentor programs. He is a member of ISACA and PMI. He is also a Langevin certified technical trainer. When not at work, Dan is a boardgame enthusiast and designer, a writer, and is hard at work perfecting his plan to take over the world.

Justin Searle

Justin Searle

Director of ICS Security

Super Power: “This Justin does not have Super Cow Powers…”

Read More

Justin Searle is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing. Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and has played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences. Mr. Searle is currently a Senior Instructor for the SANS Institute. In addition to electric power industry conferences, Justin frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, Nullcon, and AusCERT. Justin co-leads prominent open source projects including the The Control Thing Platform, Samurai Web Testing Framework (SamuraiWTF), Samurai Security Testing Framework for Utilities (SamuraiSTFU), Yokoso!, and Laudanum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), Web Application Penetration Tester (GWAPT), and GIAC Industrial Control Security Professional (GICSP).

Tito Jimenez

Tito Jimenez

Administrative Assistant

Super Power: Useless Trivia

Read More

Tito joined the InGuardians team in 2017. He assists the Sales Department with NDA’s, COI’s, and data compilation. He’s a rabid music fan, musician, travel junkie, and cyclist, who cooks for his kids every day.

Faith Alderson

Faith Alderson

Security Analyst/Software Engineer

Super Power: Functional Programming

Read More

Faith Alderson works as a Security Analyst and Software Engineer with InGuardians, where she is learning the tricks of the trade, and advancing those tricks in new directions. Faith began her journey into technology with little more outside guidance than a Perl book from her father and a lesson on using Google. As a result, she learned how to quickly master new technologies as the needs arose. Her time spent writing Minecraft mods developed her ability to learn how to use something despite sparse documentation, a skill she now applies regularly to Linux man pages. Faith seeks to understand every facet of the systems she works with. She is a programming language polyglot, and has a vast amount of knowledge about everything from synthesizer hardware and microprocessors to high level functional programming abstractions. She has learned that once something is truly understood, it is trivially bent to serve one’s own purposes.
David Mayer

David Mayer

Senior Security Consultant

Read More

Dave is a Senior Security Consultant who started with InGuardians in 2018. Previously he served as VP Red Team for a global financial organization (one of the five largest banks in the United States) where he performed Red Team engagements, internal and external penetration tests, and product testing.  Prior to that he worked within healthcare as an Information Security Professional where he performed penetration testing, vulnerability management, security architecture review, incident response, forensics and managed content filtering, SSL/TLS interception, data loss prevention, and firewall logging.  Dave Mayer graduated from State University of New York at Plattsburgh with a Bachelors in Computer Science. In his spare time, he can be found tinkering with many house projects or reliving his fire department days when he was part of the Fairchild Fire Company in the Morris Township Fire Department. He held numerous positions ranging from Engine, Ladder and Rescue Operator to Battalion Chief. Aside from running into burning buildings, Dave currently holds the following certifications: GIAC GSE, GSEC, GSNA, GCIA, GCFE, GPEN, GXPN, GCIH, GWAPT, GAWN and OSCP

Zlatka Pavlova

Zlatka Pavlova

Marketing and Social Media Specialist

Thomas Hutchison

Thomas Hutchison

Security Systems Administrator

Super Power: 

Read More

Thomas Hutchison has spent a decade in IT & Security working in organizations from startups to global enterprises. Thomas began as an Operations Technician, where applied his system administration skills during the aftermath of the Conficker Worm on hundreds of workstations. He has been a Network engineer and performed network assessments for major medical groups.
 
Thomas continued to develop his growing focus in security as an Information Security Analyst in an aerospace firm, doing security architecture review, incident response, vulnerability management, global application delivery development, threat analysis, nation-state threat actor profiling and reporting. He expanded his interests in a more strategic role as the IT & Security Manager for a global manufacturing company. There he developed and implemented various IT infrastructure projects, as well as established strategies for deploying NIST 800-171 Security controls.
 
“Who knew that I could make a living from some of the very things I could get into trouble for as a kid. In a world of 1’s and 0’s anything is possible.” – Thomas Hutchison
 
When Thomas is not trying to discover how something really works or developing an IT solution, you can find him somewhere in the world watching a soccer match