building a small cyber security research firm

Appointed as Secretary for Null Society.

This profile lists all my personal projects which i have undertaken during my personal time and most of them would be provided to community for free.This includes at the very least:1) AndroidTamer Project (www.androidtamer.com)2) Codevigilant Project (www.codevigilant.com)3) Hacking Archives of India (https://hackingarchivesofindia.com)4) Various whitepapers and technical blogs i write (blog.anantshri.info)Will keep adding more as and when required.

Consulting* Grew the team from 20 - 40 consultants and setup a organizational hierarchy* Expanded consulting in newer areas: Cloud Pen-testing and DevSecOps ConsultingTraining* Converted fully in-person training offerings to full virtual offering.* Introduced various gamification methods to enhance interactivity in virtual offering mode* Started offering public trainings for the courses offered by the organization.

Consulting * Grew the team from Employee 1 (Myself) to a 20 pen tester strong team.* Managed operations and delivery aspect of penetration tests and other engagements of the organizationResearch and Development* Deeply technical articles which got referred and recognized by multiple authorities.* Various opensource tools to help the overall security communityTrainings* Led the course development for entire portfolio including offensive and defensive courses from scratch.* Led and Delivered most sought after trainings at some of the biggest training platforms, including but not limited to BlackHat (USA/EU/Asia) and many more

* Helped multiple organizations in securing the environments. * The approach has been inclusive and collaborative, working with the organization's team. * Instead of creating dependencies, on myself focused on building the teams by providing education and hands on environments to enhance the technical capabilities of the organization's internal teams. * Focus Areas - Penetration testing and internal assessment for vulnerability detection.- Server Hardening and internal security practices to prevent attacks.

* Executed 50+ projects ranging from Web Apps, Network & Mobile Pen-testing* Received multiple client appreciation for job well done* Create Internal Documents for Mobile Security, ColdFusion Attacks and more* Responsible for Internal Bug Tracking System & Linux Servers

* Responsible for Web Application Security Testing and Audit of client Portals.* Creating Awareness about secure coding practices in various parts of organization.* Generating bi-monthly assessment report and helping teams to close the issues.* Responsible for assessment of automation tools, latest trends to enhance the current security testing practices, update and enhance the standards used in company* Involved in Organizational activities including drafting RFP responses* Running internal Newsletter on Security and Cloud related awareness.

DataBase Log Review automation* Automate log review process for data input set of >100 GB per month. (CSV format).* Generating reports as per compliance requirements.* Routine health monitoring of devices.* Remote monitoring using self implemented MRTG + nagios solution.* Design rules for Guardium appliances for automatic periodic alerts.Vulnerability Assessment Reporter (VA Reporter)* Responsible for designing the framework of Tool* Responsible for false positive logic building and cross referencing.* Responsible for the deliverables preparation to the client i.e. report and presentation* Responsible for the preparation of case study of the project to be presented to senior managementAdditional Responsibilities* Responsible for Analysis and review of VA report, Websense (Web filter), Guardium (Db monitoring)* Performing housekeeping of inventory management to keep it as close to live environment as possible using reverse check’s from VA Scan’s, AV log’s and other environmental inputs using self made scripts and automation tools.* Initiated and successfully setup a remote health monitoring tool for 30+ appliances.

Server Admin for TELUS DAT project.* Installation and Setup of WAMP and LAMP Servers.* Installation of File Sharing Server (FTP, NFS, Samba), SVN server.* Installation of Tomcat Server.* Regular Backup and cleanup scripts for DataBase Servers.* Maintenance of Project Management Portal.In charge for process improvement initiative through Automation.* Mailbox Automation through VBA Macro.* Excel Sheet based information system to Web Portal using PHP.* JavaScript Based Webpage Logic to reduce need of Excel Sheets.Telecom Order management System* Working on Project Management System for DAT Project. Report generation and Project Related Planing and Scheduling Efforts.* Security Features Implementation (SQL Injection and XSS) in Project Management System.* Technologies Used : JSP , PHP, MySQL, AJAX, VBA.

Carrier oriented Session on * Linux apache mysql php i.e. LAMP stack* Linux system and server administration.Workshops on * Open Source* Ethical Hacking* Web 2.0