Profile
Joe has worked in numerous commercial sectors, which has given him extensive knowledge of cyber threats, tools, and tactics, including threat emulation and threat detection. Today, Joe is co-owner of MINIS, a security consulting company specializing in expert-level penetration testing, red team operations, cyber threat analysis, cyber threat emulation and replication, application security, vulnerability assessment and mitigation, and incident mitigation.
Joe joined SANS as an instructor in 2016. Joe loves seeing in his students the same determination that drives his own passion for technology. His favorite classroom interactions involve helping students overcome their doubts in their abilities, and seeing them thrive even in the face of setbacks. Joe's students not only gain access to his wealth of knowledge, they also get a mentor who teaches them how to engage, thrive, and enjoy their work in the InfoSec field.
Joe has a variety of professional certifications, including the OSCP, CISSP, GWAPT, GPEN, GCIA, and GMOB. When he's not teaching, running a company or evangelizing about cybersecurity, you'll find Joe out skateboarding with his son.
Qualifications Summary
- Expert with more than 17 years of experience in red teaming, penetration testing, and application security
- Co-owner of MINIS, a cyber and information security consulting company
- Former Department of Defense Red Team Technical Lead
- Course co-author and instructor for SANS SEC564: Red Team Operations and Threat Emulation
- Technical editor for the Red Team Field Manual (RTFM)
Get to Know Joe Vest
Presentations
- SANS Webcast: "Breaking Red - Designing IOCs Using Red Team Tools"
- SANS Webcast: "Breaking Red - Understanding Threats through Red Teaming"
- Presentation at Bsides Huntsville, AL "Web Shells as a Covert Channel"
- Conference Speaker at TakeDownCon 2015, Huntsville, AL: "Web App Security for the Rest of Us"
- Presentation at the ISSA Cyber Security Summit 2015, Huntsville, AL: "IT Security Myths"
- Conference Speaker at TakeDownCon 2014, Huntsville, AL: "IT Security Myths - How You Are Helping Your Enemy"
Certifications
- OSCP - Offensive Security Certified Professional
- CISSP® - Certified Information Systems Security Professional
- CISSP®-ISSMP - CISSP® Information Systems Security Management Professional
- CISA - Certified Information Systems Auditor
- GPEN - GIAC Certified Penetration Tester
- GCIH - GIAC Certified Incident Handler
- GWAPT - GIAC Certified Web Application Tester
- GCFA - GIAC Certified Forensics Analyst