Tony Cook is the Senior Director responsible for DFIR & Threat Intelligence on GuidePoint Security’s consulting team, where he manages digital forensics, threat intelligence and incident response engagements on behalf of the firm’s clients. His career background includes high-level national security activities in cybersecurity operations for several clients over various verticals.

Tony joined the GuidePoint team from Palo Alto/The Crypsis Group where he was a DFIR Director and led the Threat Intelligence team, including Malware Analysis & Purple Team/Threat Hunting. Prior to that Tony spent several years working as a principal consultant for RSA NetWitness, a computer and network security company, where he managed teams of consultants responding to incidents, hunting advanced persistent threats, penetration testing, and helping clients harden their networks against attack. During his time at RSA, he helped several SOCs mature their threat hunting capabilities from non-existent to fully established successful hunt teams.

Previously, he was the cyber security operations architect and incident response director at the network security operations center of the Space and Naval Warfare Systems Center (SPAWAR), which is now known as the Naval Information Warfare Systems Command. While there, he developed the SOC from a five-person monitoring team to 60 analysts running a fully certified SOC providing threat intelligence, event detection, rapid response, and root cause analysis. He was responsible for implementation, analytics, and development for a wide range of cyber security issues and activities.

Prior to this, Tony was the Malware Analysis & Digital Forensics officer at the Naval Cyber Defense Operations Command, where he managed a team of 28 analysts in providing swift and accurate forensics/malware analysis. He served as a liaison with several defense department and intelligence agencies on collaboration efforts, and he authored a certified training course for analysts on forensic analysis and malware reversal.

Tony has also managed forensics and incident response at the U.S. Joint Forces Command and has worked as a security engineer for Raytheon at NASA’s Langley Research Center. He began his career with the Navy, where he served as lead system administrator on the USS Enterprise. He holds a bachelor’s degree in information security from Colorado Technical University, as well as a broad range of certifications in IT security.