Antoniy Nikolaev Email & Phone Number

San Francisco, California, United States

• Delivering new core features and improvements to the API Abuse Prevention - a module of the Wallarm platform that delivers detection and mitigation of bots performing API abuse actions like credential stuffing, fake.
• Designing new complex modules, including architecture design, algorithms description, and RFCs preparation
• Performing code, documentation, and RFC reviews

San Francisco, California, United States

• Developed API Abuse Prevention - a module of the Wallarm platform that delivers detection and mitigation of bots performing API abuse actions like credential stuffing, fake account creation, content scraping, and others
• Developed highly effective bot detection mechanisms using various approaches to many complex features and metrics, including statistical, mathematical, and ML-based methods, anomaly and outlier detection, behavior.
• Performed data analytics and research of state-of-the-art bot detection methods; implementing new methods and ideas as Production-level modules and PoC solutions as a result

San Francisco, California, United States

• Developed the first concept version of a bot detection and prevention mechanism as a multi-component system, including a browser-based JavaScript agent (written in TypeScript) and backend core (written in Golang)
• Developed various tools for testing bot detection systems, such as stealth bots and modified HTTP clients (written mostly in Python)
• Implemented and designed various techniques for behavioral analysis of user actions (mouse movements and triggered page actions analysis, page navigation behavior, behavioral patterns, etc.)
• Analyzed whitepapers and scientific works in the field of bot detection, prevention, and mitigation
• Participated in the development of the GoTestWAF as a researcher and Go developer - a tool for API and OWASP attack simulation that supports a wide range of API protocols including REST, GraphQL, gRPC, WebSockets.

• Performed AI security research and analytics in stealth mode AI startup company (NDA)
• Evaluated attacks and defense methods on TensorFlow and PyTorch models using Adversarial Robustness Toolbox (ART) Framework, DEEPSEC Framework and other tools, mostly in the image prediction domain
• Analyzed state-of-the-art whitepapers on various adversarial attacks on classifiers

Novosibirsk, Russia

• Gave lectures on bot detection methods and techniques
• Analyzed existing well-known solutions on the market, their pros and cons, as well as evasion techniques
• Led the development of the bot mitigation system in Go (as backend service) and TypeScript (as a client-side agent) with a group of 5 students

Tomsk, Russia

• Actively participated in the development of the Perimeter Scanner (Automated Network Scanner) and PhishZone (Phishing Attacks Simulation Framework) services as a Python developer - developed new modules, implemented.
• Developed vulnerability and exploit database service in Python (Tornado, MongoDB, ElasticSearch)
• Developed customizable advanced web application fuzzer using language processing and lexical analysis approaches in Python (Aiohttp, Asyncio, NLTK)
• Developed security-related scanners and modules as scalable workers and microservices in Python and Lua (as Nmap Script Engine language) (RabbitMQ, PostgreSQL, Docker, docker-compose)
• Spoke at Black Hat Asia, OFFZONE, PHDays, Data Fest Siberia, POC security conferences about my own projects and research results
• Attended professional conferences such as PyCon, OFFZONE

Tomsk, Russia

• Participated in white-box security analysis projects and penetration testing projects
• Developed automation tools for scanning and analyzing Internet resources in Python (using Shodan API, Censys API, Nmap Network Scanner, Masscan Network Scanner, self-made Nmap Lua Scripts)
• Developed custom Burp Suite scanner plugins in Jython and Java, familiar with Burp Suite Professional Edition's REST API

Novosibirsk, Russia

• Gave lectures on Open-Source Intelligence, Network Reconnaissance, and Information Gathering topics
• Led the development of the Open-Source intelligence framework in Python with a group of 15 students

Tomsk, Russia

• Developed Internet scanning tools and modules in Python and Lua (Nmap scripts) to enumerate and fingerprint SD-WAN appliances using active network scanners and services such as Censys, Shodan
• Identified various security problems in SD-WAN products using manual techniques and automation tools
• Spoke at Zeronights 2018 conference

Tomsk, Russia

• Participated in MaxPatrol 8 product development as a Python developer
• Developed audit and compliance modules in Python
• Implemented CIS Benchmarks for Windows in Python

Tomsk, Russia

• Developed a security scanner as a result of the internship
• Used various protocols (SSH, WMI, SNMP) to identify problems and misconfiguration on target systems