About TrustFoundry

About Us

Trust Foundry LogoTrustFoundry is an information security firm based in Overland Park, Kansas (a suburb of Kansas City) that focuses on application penetration testing and network penetration testing. We are founded based on the core idea that our advanced and pragmatic understanding of today’s challenges allows us to deliver the most effective results for our customers.

We have worked successfully with both Fortune 100 enterprises to small startups in a large variety of areas, delivering hundreds of successful assessments in our years of experience.

Our goal throughout our work is to improve security as efficiently as possible, which involves carefully listening and understanding our customers. Our attention to our customer’s challenges and focus on their solutions, combined our passion for security, is what allows us to consistently deliver high-quality work.

Experience

Our assessments leverage our extensive knowledge that has been gained over many years. We have over a decade of penetration testing experience in addition to software development and IT consulting experience. This knowledge allows us to understand and provide guidance for our customers. Experience often does not equate to excellence, but experience combined with a passion for security is how TrustFoundry is able to deliver top-tier work.

In combination with regularly performing assessments, TrustFoundry also hones its skillset by focusing on security research, software development, and working closely with industry organizations.

Our goal is to raise the bar for customer satisfaction while helping our customers secure their organizations faster and more efficiently than ever before.

Reasons Our Customers Choose TrustFoundry

  • Testing coverage – Quite simply, we find vulnerabilities that many others miss. If protecting against advanced attackers is in your threat model, our depth of coverage will help secure your product.
  • Ability to understand complex environments – Applications and environments are getting increasingly complex. It is not uncommon today to see over ten deployed technologies in use in a single application. For example, it’s not uncommon today to test a mobile application written in several languages based on a mobile framework that uses custom authentication and authorization, custom cryptography, and communicates over WebSockets to communicate with a server deployed in AWS that’s using a variety of technologies. Our “full stack” understanding allows us to look through each item to identify vulnerabilities in the design and implementation of each component.
  • Understanding of how vulnerabilities impact your environment – We don’t just apply a checklist to your application or network. We think through of each vulnerability in attempt to determine the actual impact. This allows us to eliminate false positives that often get mistakenly reported, and also identify vulnerabilities that can get missed.
Contact TrustFoundry Today

Looking for proven professionals in the industry?

TrustFoundry has successfully worked with both Fortune 100 enterprises and small startups in a large variety of areas.
Contact TrustFoundry Today

Meet the Breakers

Alex Lauerman
Alex LauermanSecurity Consultant
Alex is a penetration tester based in Overland Park, Kansas, which is a suburb of Kansas City. Alex is thankful for being able to spend over 10 years of his life building and breaking applications. He collaborates closely with organizations in securing applications (web, mobile, and thick clients), in addition to penetration testing networks, and devices. Alex specializes in fulfilling challenging engagements that require multiple sets to complete. He enjoys cryptography, software defined radio, reverse engineering, exploitation, and developing tools that can help solve security problems at scale. Alex has presented at both regional and national security conferences, such as SecKC, SecureWorld Kansas City, and BlackHat USA. Alex’s research has been covered by various local and national news organizations.

When not on the computer, he enjoys mountain biking, being outdoors, and continuously learning by reading books and leveraging the awesome resources we have available today.

Alex founded SecKC, which is a non-profit organization which is designed to foster information security in Kansas City with over 1,000 attendees annually. In addition to fostering growth in the area, Alex is also strongly interested in security research and solving challenging security problems in ways that efficiently and effectively improve security. Alex is an Offensive Security Certified Professional (OSCP) and has a B.S. in Computer Science from the University of Kansas.

Matt South
Matt SouthSecurity Consultant
Matt is a penetration tester from Kansas City, Missouri. He specializes in web and mobile application testing, but loves all things security.

He has been an amateur security enthusiast since childhood and was a regular 2600 attendee. After graduating The University of Kansas with a B.S. in Computer Science, Matt spent 6 years as an IT Consultant to local businesses in Kansas City. In 2013, he combined his knowledge of business systems and love for security to become a penetration tester for TrustFoundry. Since then, he has hacked on hundreds of systems. He’s given talks at security events such as SecKC and TriKC. He also had the privilege to present a tool of his own design at BlackHat USA 2015.

When he’s not hacking, you can find Matt fishing with family, traveling with his wife, or killing plants in his garden.

Matt’s favorite types of exploits to find are business logic flaws that an automated scanner would miss. He enjoys asking and answering security-related questions to share knowledge and improve the security community overall. Matt takes the most pride in his reporting because he has the chance to clearly explain the issues to help customers improve their security posture.

Nick Fox
Nick FoxSecurity Consultant
Nick has experience conducting network and application penetration tests for a wide variety of clients, including Fortune 500 companies. Nick works with clients to provide a clear description of security issues and advice on the steps needed for remediation. Drawing on his background as a system administrator, Nick specializes in finding vulnerabilities in enterprise domains and helping to improve system infrastructure. Nick also has a strong programming background and conducts source code audits for companies’ internal and external applications to ensure secure coding practices.

In his free time, Nick likes to read books and listen to podcasts about technology, computer science, and hacking, and frequently competes in Capture-the-Flag (“CTF”) competitions to further develop and sharpen his skills. Nick is also an active security researcher, spending evenings and weekends analyzing commonly used applications for undiscovered vulnerabilities.

Nick has a B.A. from the University of Cincinnati and holds several industry certifications, including Offensive Security Certified Professional (OSCP), CompTIA Security+, CompTIA Network+, and CompTIA A+.

Tyler Rosonke
Tyler RosonkeSecurity Consultant
Tyler is a security professional based in Omaha, Nebraska. His main area of focus is in penetration testing. He loves learning and scripting his way out of a tight spot, which makes this area of security right up his alley. Tyler graduated from the University of Nebraska at Omaha with a B.S. in Information Assurance in 2014.

After graduating, he spent a year on a Red Team for a Fortune 200 company. This position allowed him to not only sharpen his technical skills, but his security evangelism as well. Tyler has completed the Penetration Testing with Kali Linux challenge and has obtained his Offensive Security Certified Professional (OSCP) certification. Tyler is highly involved with the security community. He has contributed to open source projects, he has spoken at security conferences (DefCon), and he writes/operates the ZonkSec security blog.

If Tyler is not banging his head against his monitor, you’ll likely find him in a garage banging his head against a vintage 2-stroke moped or wandering around in the great outdoors.

Why TrustFoundry?

Our assessments leverage our extensive knowledge that has been gained over many years.  We have over a decade of penetration testing experience in addition to software development and IT consulting experience. This knowledge allows us to understand and provide guidance for our customers.  Experience often does not equate to excellence, but experience combined with a passion for security is how TrustFoundry is able to deliver top-tier work.

In combination with regular assessments, TrustFoundry also hones its skillset by focusing on security research, software development, and working closely with industry organizations.

Our goal is to raise the bar for customer satisfaction while helping our customers secure their organizations faster and more efficiently than ever before.