Joel Esler

Open Source Manager & Threat Intelligence Team Lead

Joel Esler earned his stripes in intrusion analysis and incident response working for the U.S. Department of the Army. After earning a reputation for his work with Sourcefire’s Snort open source IDS, Sourcefire hired him in 2005 as a Senior Professional Services Consultant.

Esler quickly rose through the ranks at Sourcefire to become Senior Research Engineer for the Vulnerability Research Team (VRT) and Open Source Community Manager. In that dual role, he was responsible for threat detection created for the company’s Snort and ClamAV projects, as well as management of those open source projects.

In 2013, Esler joined Cisco following the company’s acquisition of Sourcefire. Today, as Threat Intelligence Team Lead and Open Source Manager for the Cisco Talos Security Intelligence and Research Group, Esler’s duties include threat actor tracking and attribution, and identifying new exploits and vulnerabilities “in the wild.” He is also responsible for the Open Source projects that originated at Sourcefire and are now part of the Cisco security solutions portfolio, such as Snort, ClamAV, Razorback, and Daemonlogger.

As part of the leadership for Talos, Esler plays a central role in coordinating the work of and cooperation between team members, who contribute diverse areas of expertise to enhance Cisco security products and help protect customer networks. He attributes his ongoing commitment to a career in security to his passion for solving puzzles and the fact that he loves facing new challenges every day.

Esler is a regular contributor to the Cisco Security and Open Source Blogs.

Previous roles

Prior to joining Sourcefire in 2005 as a Senior Professional Services Consultant, Esler was a contractor for Lockheed Martin. In that role, he worked for Lockheed Martin Information Technologies as a Senior Information Assurance Analyst and Computer Defense and Information Assurance Section Manager at the Regional Computer Emergency Response Team – South.

As a veteran of the U.S. Army, Esler served as a Multichannel Transmissions Supervisor for the U.S. Department of the Army.

More about Joel Esler …

For the past decade, Esler has been an advisor for the SANS certification process, specifically helping students to earn the Global Information Assurance Certification (GIAC) Gold Practical credential. He is responsible for mentoring students and grading their GIAC Gold Papers, which are the core requirement for Gold certification.

Additionally, Esler is a Senior Handler for the SANS Internet Storm Center, a global cooperative cyber threat/Internet security monitor and alert system.

Esler is a co-author of the book Snort® IDS and IPS Toolkit, published in 2007, which he now admits is terribly outdated and shouldn't be used as a current manual.

When he’s not tinkering with computers and technology, Esler enjoys working on his 1968 Ford Mustang and spending time with his wife and three children.

From June 2012 to June 2014, Esler served as Mayor and Councilman for the town of Townsend, DE.
