Zach helps secure organizations through offensive security—whether that’s penetration testing, application security, or red teaming. He spent the first few years of his career in administration and application development, and the last ten in information security. In his information security career, Zach has primarily performed penetration testing but has also performed AWS security engineering and architecture, and built application security and red team programs from the ground up. He currently holds the OSCP, GREM, and CISSP certifications.
Zach enjoys researching information security topics and publishing his research. His projects include red team telemetry, the changeme default password scanner, and Sticky Keys Hunter. He gives back to the security community through open source contributions, presentations, and volunteering for the Wisconsin CCDC red team. Zach has presented at security conferences including DerbyCon, BSides Chicago, and Milwaukee OWASP.
In his free time, he enjoys spending time with his family and playing guitar.