Skip to main content
Threat Intelligence

Vaughn Thomas

Compliance Engineer & Threat Researcher

Linthicum Heights, Maryland

Connect on LinkedIn

Vaughn is the analyst behind the SOClogix Weekly Threat Awareness Report. He operates at the intersection of regulatory compliance and active adversary tradecraft, turning raw intelligence into briefings that security teams and executives can actually act on.

200+

Threat actor groups tracked

Weekly

Threat briefings published

5+

Years at SOClogix

25+

Years in technology

About Vaughn

Vaughn Thomas is SOClogix's Compliance Engineer and principal threat researcher. Each week he synthesizes intelligence from dark web forums, vendor security advisories, CISA KEV updates, Shodan and Censys exposure data, and real-time telemetry from the SOClogix managed client network - spanning healthcare, financial services, the defense industrial base, manufacturing, and local government - into the Weekly Threat Awareness Report.

He actively tracks over 200 threat actor groups and contributes threat sharing intelligence to multiple ISAC communities. His analysis deliberately bridges raw technical findings and business risk, so compliance teams and CISOs can act on a report rather than just read it.

Vaughn came to security from software quality. He spent more than two decades running software testing programs - first as a director of testing, later managing testing teams, test strategy, and an engineering test lab - before moving into security operations in 2018. That background shows up in the work: threat research done with a tester's discipline, where a finding is not real until it is reproducible, documented, and traced to what it actually breaks.

Areas of Expertise

What Vaughn works on day to day.

Threat Intelligence

Synthesizing dark web forums, vendor advisories, and CISA KEV updates into briefings teams can act on.

Vulnerability Research

CVE analysis, CVSS and exploitability assessment, and tracking what is actually being exploited in the wild.

Exposure Analysis

Shodan and Censys exposure data mapped against client attack surface and active campaigns.

Compliance Engineering

Working at the intersection of regulatory obligation and live adversary tradecraft.

Intelligence Sharing

Contributing threat intelligence to multiple ISAC communities.

Quality & Test Engineering

Two decades leading software testing programs, applied now to methodical threat research.

Career Background

Nearly three decades across software quality engineering and security operations.

Compliance Engineer & Threat Researcher

Current
Nov 2020 - Present Linthicum Heights, MD

SOC Analyst (Security & Compliance Analyst)

Oct 2018 - Nov 2019 Washington DC-Baltimore Area

Software Testing Manager

Apr 2001 - Sep 2018 Towson, MD

Software Testing Consultant

Apr 2000 - Feb 2001 Herndon, VA

Director of Testing

Jun 1996 - Feb 2000 Hunt Valley, MD

Get Vaughn's Briefing Every Week

The SOClogix Weekly Threat Awareness Report covers actively exploited CVEs, emerging campaigns, and what to do about them. Written for security teams and the executives who fund them.