Vaughn Thomas
Compliance Engineer & Threat Researcher
Linthicum Heights, Maryland
Connect on LinkedInVaughn is the analyst behind the SOClogix Weekly Threat Awareness Report. He operates at the intersection of regulatory compliance and active adversary tradecraft, turning raw intelligence into briefings that security teams and executives can actually act on.
200+
Threat actor groups tracked
Weekly
Threat briefings published
5+
Years at SOClogix
25+
Years in technology
About Vaughn
Vaughn Thomas is SOClogix's Compliance Engineer and principal threat researcher. Each week he synthesizes intelligence from dark web forums, vendor security advisories, CISA KEV updates, Shodan and Censys exposure data, and real-time telemetry from the SOClogix managed client network - spanning healthcare, financial services, the defense industrial base, manufacturing, and local government - into the Weekly Threat Awareness Report.
He actively tracks over 200 threat actor groups and contributes threat sharing intelligence to multiple ISAC communities. His analysis deliberately bridges raw technical findings and business risk, so compliance teams and CISOs can act on a report rather than just read it.
Vaughn came to security from software quality. He spent more than two decades running software testing programs - first as a director of testing, later managing testing teams, test strategy, and an engineering test lab - before moving into security operations in 2018. That background shows up in the work: threat research done with a tester's discipline, where a finding is not real until it is reproducible, documented, and traced to what it actually breaks.
Areas of Expertise
What Vaughn works on day to day.
Threat Intelligence
Synthesizing dark web forums, vendor advisories, and CISA KEV updates into briefings teams can act on.
Vulnerability Research
CVE analysis, CVSS and exploitability assessment, and tracking what is actually being exploited in the wild.
Exposure Analysis
Shodan and Censys exposure data mapped against client attack surface and active campaigns.
Compliance Engineering
Working at the intersection of regulatory obligation and live adversary tradecraft.
Intelligence Sharing
Contributing threat intelligence to multiple ISAC communities.
Quality & Test Engineering
Two decades leading software testing programs, applied now to methodical threat research.
Career Background
Nearly three decades across software quality engineering and security operations.
Compliance Engineer & Threat Researcher
CurrentSOC Analyst (Security & Compliance Analyst)
Software Testing Manager
Software Testing Consultant
Director of Testing
Published Research
The most recent editions of Vaughn's Weekly Threat Awareness Report.
Get Vaughn's Briefing Every Week
The SOClogix Weekly Threat Awareness Report covers actively exploited CVEs, emerging campaigns, and what to do about them. Written for security teams and the executives who fund them.