The Pulsar Security Team
The Best and Brightest in the Industry
While many cybersecurity professionals have at least a bachelor's degree in computer science or other related fields, Pulsar Security prefers candidates with additional certifications to validate knowledge of cybersecurity best practices. A look into the team's certifications reveals that Pulsar's engineers have the industry's most esteemed and advanced cybersecurity credentials. Besides that, having the credentials denotes a mastery of a global standard for effective and reliable cybersecurity.
Why Our Experts' Credentials are a Priority
The benefits of our engineers' certifications are multifaceted, particularly in the cybersecurity space, where capabilities require more than just work experience to ensure an expert can address the latest technologies and security challenges. First, Pulsar Security experts have demonstrated an in-depth understanding of modern cybersecurity concerns and strategies and proven years of professional, hands-on implementation experience. Simply put, the certifications provide a benchmark for the teams' skills and capabilities.
Our clients and partners can independently validate our knowledge and experience with the certification bodies, giving complete confidence that Pulsar engineers are skilled and can perform tasks ethically.
Our credentials also attest to our professionals' character. Pulsar team comprises certified engineers who meet a high capability standard and commit to upholding the code of ethics. The paths to virtually all the certifications require the credential holder to attest to their integrity and probity.
Some of our experts' certifications require continuing professional education (CPE) credits to demonstrate that the engineers invest in keeping up-to-date with cybersecurity's latest technologies and developments. CPE is vital in a field that keeps changing by the hour as cybercriminals advance attack sophistication.
Popular Certifications Held by the Pulsar Security Team
Each member of our team holds advanced security certifications.
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Security Professional (CISSP) is the world's premier cybersecurity certification. Earning the CISSP credential proves that you have what it takes to design, implement, and manage a best-in-class cybersecurity program. The certification that originated from the U.S. has grown exponentially worldwide due to its depth, breadth, and relevance to global industry.
The certification covers eight domains: security and risk management, asset security, security architecture and engineering, communications and network security, identity, and access management. Other areas covered in CISSP include security assessment and testing, security operations, and software development security.
Official data show that only 147,591 ISC2 members hold the CISSP certification worldwide. Vaughn Temple, our senior security consultant and researcher, emphasizing red teaming and exploit development, has the esteemed CISSP credential.
GIAC Security Expert (GSE)
GIAC Security Expert Certification is a prestigious IT security credential developed by subject matter experts and top industry practitioners. The performance and hands-on based certification proves that our engineers have genuinely mastered the wide variety of skills required by top security consultants. Undoubtedly, individuals who earn any GIAC certifications have worked hard, demonstrated essential technical skills, and should rightfully take pride in the accomplishment. Our engineers have made more effort than just learning. They have mastered the essential elements of information security to become the elite and top practitioners of information security.
GIAC Reverse Engineering Malware Certification (GREM)
Pulsar Security does a lot of malware assessment and analysis as part of security research. The team deploys various approaches, tools, and techniques to reverse engineer prevalent and complex malicious programs. Ultimately, reverse engineering, one of the greatest threats that organizations face today, is essential in protecting systems and data from cybercriminals. The best way to reverse engineer malware proficiently is to acquire the appropriate malware analysis skills.
The GIAC Reverse Engineering Malware (GREM) certification is designed for security experts and technologists who protect organizations from malicious code, more commonly referred to as malware. Typically, GREM certified technologists possess the knowledge and skills to reverse-engineer malicious software that targets systems like Microsoft Windows, web browsers, and web applications. By and large, the professionals understand how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration.
Some of the primary areas that the GREM certification covers include analysis of malicious document files, protected executables, and web-based malware. The certification also provides a comprehensive analysis of malicious browser scripts and malicious executables. Other than that, GREM certificate holders get trained on malware analysis using memory forensics, malware code, and behavioral analysis fundamentals.
Jason Nickola, our Chief Operating Officer and Senior Security Consultant in charge of managing the enterprise software and security services team, is a GREM certification holder. Jason believes that the knowledge gained by successfully mastering this certification brings together all the information he has already acquired and fills in the gaps that he has in reverse-engineering malicious codes.
GIAC Assessing and Auditing Wireless Networks (GAWN)
With the deployment of Wireless LANs everywhere, assessing and auditing wireless networks has become popular and demands services to ensure that Wi-Fi networks are safely configured to prevent attacks. The objective is to determine the level of security of the wireless infrastructure and identify all access points and vulnerabilities that a network could produce.
The GIAC Assessing and Auditing Wireless Networks (GAWN) certification is an appropriate avenue for attaining the skills technologists require to assess the security of a wireless network. The certification focuses on the different security mechanisms for wireless networks, the tools and techniques used to evaluate and exploit weaknesses, and techniques deployed to analyze wireless networks. Apart from gaining experience using tools to assess networks, GAWN holders understand how the tools operate and the weaknesses in protocols they evaluate.
Some of the areas covered in GAWN certification include attacking weak encryption, 802.11 fuzzing attacks, Bluetooth attacks, bridging the air gap, denial of service on wireless networks, and high-frequency RFID attacks. On top of that, professionals gain experience in practical SDR attacks, rogue networks, sniffing wireless networks, and wireless client attacks.
Ahren Thielker, our network security engineer and physical security consultant, is a GAWN certificate holder. Ahren believes in personal development and employs this in continually advancing his own impressive skill set and empowering others to do so as a founding officer of nonprofit organization TechRamp and organizer of the BSides New Hampshire conference. Also in the list of GAWN whizzes is Tim Connell, our Head of Enterprise Products working to guide the team in creating solutions that satisfy the needs of real-world customers. Jason Nickola (COO) is also GAWN certified.
Offensive Security Experienced Penetration Tester (OSEP)
Security professionals and technologists earn the Offensive Security Experienced Penetration Tester (OSEP) certification after going through the Evasion Techniques and Breaching Defenses (PEN-300) course and passing the exam. The advanced penetration testing course builds on the knowledge and techniques learned from handling penetrating testing with Kali Linux. OSEP certified professionals perform advanced penetration tests against mature organizations with an established security function.
OSEP certification enhances the skills needed to bypass security mechanisms that organizations put in place to block attacks. Some of the topics covered include operating systems and programming theory, client-side code execution with office, client-side code execution with Jscript, process injection and migration, introduction and advanced antivirus evasion, and application whitelisting. Other areas include kiosk breakouts, bypassing network filters, Windows and Linux lateral movement, Microsoft SQL attacks, and Active Directory exploitation.
Pulsar Security members with the OSEP certification include Duane Laflotte (CTO), Jarrod Laflotte (Researcher, Senior Security Consultant), and Vaughn Temple (Researcher, Senior Security Consultant). The professionals have learned an incredible number of techniques and fundamental concepts from the PEN-300 materials and lab exercises. They actively apply these techniques in the day-to-day work, effectively increasing the team's skillset in a meaningful way.
Offensive Security Certified Expert (OSCE)
The Offensive Security Certified Expert (OSCE) Certification proves mastery of advanced penetration testing skills. The advanced penetration testing certification focuses on exploit development that allows Pulsar engineers to craft their exploits, compromise systems, and gain administrative access while testing systems. OSCE holders have skills like advanced exploitation, antivirus evasion, backdoored files, debugging, and web attacks, among others. The certification demonstrates that our experts have an above-average degree of determination, persistence, and ability to perform under pressure.
Offensive Security Web Expert (OSWE)
Security experts who take the Advanced Web Attacks and Exploitation (WEB-300) course and pass the exam earn the Offensive Security Web Expert (OSWE) certification, demonstrating mastery in exploiting front-facing web apps. WEB-300 covers various areas, including performing deep analysis on decompiled web app source code, identifying logical vulnerabilities that many enterprise scanners cannot detect, combining logical vulnerabilities to create PoC on a web app, and exploiting vulnerabilities by chaining them into complex attacks.
Undoubtedly, OSWE holders have a clear and practical understanding of the web application assessment and hacking process. Our OSWE certified professionals, including our CTO Duane Laflotte and Wayne Marsh (Principal Software Engineer and Senior Security Consultant), have proven their ability to review advanced code in web applications to identify and exploit vulnerabilities. Duane believes that OSWE is a fantastic training course and a valued certificate in the industry, especially for technologists working as penetration testers or security consultants.
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) validates our experts' abilities to find and mitigate significant security flaws in networks and systems. Some of our engineers are GXPN certified, proving they have the skills to conduct advanced penetration tests and model attackers' behavior to improve system security and the knowledge to demonstrate business risks associated with malicious attacks. GXPN equips professionals with skills in accessing and exploiting the network, advanced fuzzing techniques, stack smashing, client exploitation and escape, and crypto for pen testers.
Vaughn Temple, our researcher and senior security consultant, is GXPN certified. Jarrod Laflotte, Jason Nickola and Wayne Marsh also hold the GXPN certification, proving that the engineers have the knowledge, skills, and ability to conduct advanced penetration tests and model the abilities of advanced attackers to identify system security flaws.
Certified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) teaches professionals the latest commercial-grade hacking tools, techniques, and methodologies that cybercriminals and information security professionals use to attack an organization. CEH certification is mapped to the NICE 2.0 framework's specialty areas, such as protecting, defending, analyzing, and secure IT provisioning.
What's more, the certification gives a greater focus on 18 latest attack vectors, including the AWASP top 10, IoT hacking, vulnerability analysis, advanced persistent threats, fileless malware, web API threats, webhooks, web shell, OT attacks, cloud attacks, artificial intelligence, and machine learning. On top of that, CEH equips candidates with the modern exploit technologies they need to improve their exploit development by learning about existing and new vulnerabilities.
Several engineers in our acclaimed team have the CEH credential, starting with Duane Laflotte, our Chief Technology Officer, who works to resolve complex technical issues for the team and partners. We take pride in Jason Nickola, who also holds the CEH certification.
CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions. More corporations and defense organizations choose Security+ to validate baseline security skills and fulfill the DoD 8570 Compliance. The certification proves hands-on practical skills, ensuring an engineer is better prepared to discover solutions to various security issues. In addition to that, Security+ is aligned to the latest techniques and trends, including risk assessment and management, incident response, forensics, hybrid and cloud operations, enterprise networks, and security controls, ensuring secure and high-performance business operations. Several of our engineers, including CTO Duane Laflotte, COO Jason Nickola, QA Lead Corey Belanger, Head of Enterprise Products Tim Connell, and DevOps Lead Steven Steinberg.
Offensive Security Wireless Professional (OSWP)
Our experts have earned the Offensive Security Wireless Professional (OSWP) certification after successfully completing the Wireless Attacks (PEN-210) course that introduces students to the skills needed to audit and secure wireless devices. The certification assures our clients that the team has the necessary expertise to identify vulnerabilities in 802.11 networks and execute controlled attacks.
Tim Connell, an OSWP holder, finds the certification to be both exciting and possibly challenging at the same time. OSWP is built on the need for practical-based learning in cybersecurity, with a greater appreciation of the in-depth theory of wireless attacks. Pulsar's professionals can comfortably review and combat wireless attacks.
Offensive Security Certified Professional (OSCP)
Offensive Security Certified Professional (OSCP) focuses on penetration testing methodologies and the use of security testing tools included with the Kali Linux distribution. The hands-on penetration testing certification requires holders to attack and penetrate different live machines successfully. OSCP is a technical hacking certification, showing our team possesses the practical penetration skills required to secure systems and networks.
Duane Laflotte, our CTO, who works to resolve complex technical issues for the team and its partners, has achieved the OSCP certification. During the certification journey, Duane found the labs quite fun, at least most of the time. With the OSCP practical, nothing is off-limits, and certificate holders are free to test any tools and methods. Jason Nickola, a lifelong learner and accomplished instructor and presenter, is also an OSCP holder. Other OSCP certified engineers in the team include Corey Belanger (QA Lead), Tim Connell (Head of Enterprise Products), Jarrod Laflotte (Senior Security Consultant), Wayne Marsh (Principal Software Engineer), Steven Steinberg (DevOps Lead), and Vaugn Temple (Senior Security Consultant).
GIAC Web Application Penetration Tester (GWAPT)
The GIAC Web Application Penetration Tester (GWAPT) Certification validates our practitioners' ability to better secure organizations through penetration testing and an in-depth understanding of web application security challenges. We delight in our GWAPT certification holders for they demonstrate knowledge of web application exploits and testing methodologies. They have extensive knowledge in configuration testing and web application attacks, such as SQL injection, authentication exploits, cross-site request forgery and scripting, and client injection attacks. Other areas of expertise include web application session management, reconnaissance, and mapping.
Pulsar Security's QA Lead, DevOps Lead, Network Security Engineer, and Software Engineer are among the team members holding the GWAPT certification.
GIAC Certified Penetration Tester (GPEN)
GIAC Certified Penetration Tester (GPEN) certificate validates our practitioner's capabilities to conduct a penetration test appropriately, using best practice techniques and methodologies. Our GPEN certified engineers have the expertise to conduct exploits, engage in detailed reconnaissance, and utilize a process-oriented approach to penetration testing projects. They have skills such as comprehensive pen-testing planning, scoping, in-depth scanning and exploitation, post-exploitation, pivoting, web application penetration testing, and in-depth password attacks.
The team at Pulsar Security looks forward to leveraging our experience and proprietary tools to protect your business against malicious attacks.