Profile
Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.
Expertise
- Incident Response
- Digital Forensics
- Threat Modeling
- Penetration Testing
- Security Architecture
Qualifications
Achievements & Contributions
- Two-Time Winner of the Annual DC3 Forensics Challenge
- Speaker at information security conferences such as Black Hat, DEF CON, ShmooCon, RSA, and DC3
- Designated a Master Computer Network Exploitation (CNE) Operator by the NSA
- Former Vulnerability Analyst at US Department of Defense
- Former Senior Systems Engineer at Dell Services
Certifications & Credentials
- MSIA, Information Assurance –Capitol College
- GSE, GSNA, GCFE, GREM, GCWN, GCIA, GCIH, GPEN, GCFA, GXPN, GSEC –GIAC
Upcoming Events
View More
October 16 2025
IANS Emerging Issue Briefing: Recent Supply Chain Compromises: Implications, Assessments and Defenses
The past month has seen a variety of supply chain compromises. In this emerging issue briefing, we’ll delve into the pertinent implications of those compromises for CISOs and their teams. On the third-party services side, we'll discuss the continuing fallout from recent Salesloft, Red Hat and Oracle breaches. Then we'll discuss impacts from software component supply chain issues, including npm, RubyGems and an attempted PyPi package takeover. We’ll also examine the first known (but certainly not the last) backdoor in an enterprise MCP server. Finally, we'll explore what orgs should be doing to respond to existing incidents and position themselves to be maximally resilient to future supply chain security attacks.
November 11 2025
2025 Q4 Symposium: Agentic AI: Understanding and Securing the Next Wave of AI Systems
The buzz around Agentic AI – the latest form of AI systems designed to autonomously make decisions and act – is rampant. As security leaders grapple to understand the nuances of this next wave of AI excitement, there are many considerations to take into account to determine if, where and how to experiment and accelerate its use within your environment. In this symposium, IANS Faculty Jake Williams cuts through the noise and shares practical insights and recommendations to aid your understanding of the technology, its risks and guardrails for adoption within your enterprise.