Cobalt Taps APT Veteran Christopher Elisan to Lead Offensive Security Research
- Cyber Jack
- 36 minutes ago
- 2 min read
New appointment signals firm’s deepening investment in adversary-informed pentesting and community-driven threat intelligence
Cobalt has appointed renowned malware analyst and APT researcher Christopher “Tophs” Elisan as Director of Offensive Security Research and Community. The hire marks a notable shift in Cobalt’s posture from traditional pentesting services toward intelligence-led, adversary-aware methodologies.
Elisan, best known for authoring Malware, Rootkits & Botnets and contributing to Hacking Exposed: Malware and Rootkits, brings decades of experience across threat research, malware dissection, and attacker infrastructure analysis. His work has helped define modern understandings of threat actor behavior, and now he’ll guide Cobalt’s efforts to operationalize threat insights at scale through its pentesting-as-a-service (PTaaS) model.
“Tophs brings a wealth of experience in offensive security and threat research, perfectly aligning with our focus on proactive, real-world security testing,” said Gunter Ollmann, Cobalt’s Chief Technology Officer. “His insights into the tactics, techniques, and procedures of advanced adversaries will significantly enhance our ability to stay ahead of evolving threats and deliver actionable intelligence to our customers.”
Previously, Elisan held senior research and leadership roles at firms including RSA NetWitness, Polyswarm, Flashpoint, F-Secure, and Trend Micro. His technical acumen, paired with his strategic understanding of threat actors’ motivations and mechanics, positions him to lead a major transformation of Cobalt’s Core—its elite community of over 450 vetted pentesters. In this new role, Elisan will focus on codifying offensive security into a repeatable science, bridging pentesting with live threat intel to anticipate and simulate cutting-edge attacks.
“The Cobalt Offensive Security Platform, combined with cutting-edge threat research, enables us to provide organizations with critical intelligence that helps them defend against advanced threats before they can cause harm,” said Elisan.
The appointment comes as organizations continue to recalibrate their security investments around proactive measures, moving away from reactive detection models. With cloud proliferation, rapid development cycles, and attack automation, the need for adversary-emulated security testing has never been higher. Elisan’s directive includes identifying emerging vulnerabilities, mapping new threat actor TTPs, and producing real-time, actionable recommendations that can feed directly into enterprise remediation workflows.
Cobalt’s PTaaS model, which blends human expertise with automation and integrates directly into DevSecOps pipelines, has positioned it at the forefront of agile security testing. The company’s growing investment in community leadership and research reinforces its ambition to turn pentesting into a continuous feedback loop—where threat insights not only guide testing strategy but accelerate defense hardening.
By formalizing Elisan’s research role within its offensive security platform, Cobalt aims to deliver more than just vulnerability reports. It’s doubling down on threat-informed defense.
“Cybersecurity is evolving at an unprecedented pace,” Elisan said. “I’m thrilled to join Cobalt at this critical moment, where real-time adversary insight can be the difference between resilience and exposure.”
