A passionate application security researcher. My research interests lie primarily in the general area of cybersecurity , with an emphasis on large-scale network security analytics and advanced threat detection. My research applies learning techniques on large-scale network traffic and malware data for predictive analytics, anomaly detection, pattern discovery and risk scoring. Previous work include botnet detection, malware analysis, signature generation, sensor network, routing protocol security.Causes of vulnerabilities and designing practical solutions to protect security, privacy and integrity of various applications and systems (e.g., computers, mobile devices, networks, etc)Specialties:Cyber securityNetwork SecurityRisk AnalysisHackingSecurity threat analysis (e.g., worms, spam, botnets)Malware reverse engineering
-
Sr. Application Security ConsultantAmerican Family Insurance Nov 2020 - PresentMadison, Wi, Us -
Sr. Application Security ConsultantExxonmobil Jan 2018 - Oct 2020UsParticipated in the implementation of AWS Cloud security for applications deployed in the Cloud.Security assessment of online applications to identify the vulnerabilities in different categories like Input and data Validation, Authentication, Authorization, Auditing & logging. Performed security assessment of PKI Enabled Applications. Developed threat modeling framework (STRIDE, DREAD) for critical applications. Identified potential threats and developed mitigating controls for the applications during the development phase.Reviewed source code (Java/J2EE/Spring/FTL/JavaScript) and developed security filters within AppScan for critical applications. -
Sr. Information Security ConsultantNorthern Trust Corporation Jan 2016 - Dec 2017Chicago, Illinois, UsImplemented IBM AppScan standard, source editions, HP WebInspect and QualysGuard web application scanners. In addition, the security tools Metasploit and BurpSuite were utilized for manual penetration testing.Performed security assessments for the client-facing apps. The associated IT infrastructure such as database management systems, middleware systems, web services (SOA) were also included in the security assessments.Performed Static and Dynamic Analysis and Security Testing (SAST and DAST) for various applications as per firm’s security standards (i.e., OWASP, SANS 25).Developed security policies and baselines for mobile and web applications. Performed compliance audits to ensure security policies and baselines have been adequately implemented.Worked with Internet Engineering team in the design and configuration of BlueCoat Internet proxy. Implemented WebFilter database for URL content Filtering. -
Information Security EngineerIt Serve Solutions Mar 2013 - Sep 2015Performed penetration testing for external facing web applications. Security areas covering DMZ architecture, threat modeling, secure coding practices (i.e., OWASP standards) and vulnerability analysis were assessed.Conducted security assessments for various applications supporting Corporate & Investment Banking, Loan, Treasury, Equities and FI businesses. The web application infrastructure such as IBM WebSphere, Apache Tomcat, and IIS web/application servers were reviewed for compliance to firm’s security baselines.
Frequently Asked Questions about Prasad D
What company does Prasad D work for?
Prasad D works for American Family Insurance
What is Prasad D's role at the current company?
Prasad D's current role is Application Security Consultant.
Free Chrome Extension
Find emails, phones & company data instantly
Download 750 million emails and 100 million phone numbers
Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.
Start your free trial