As Founder and CEO of CyberAGI INC ,I lead a pioneering company at the intersection of cybersecurity and artificial intelligence. With over a decade of experience in cybersecurity and ML, I've directed our efforts towards crafting the world's first Self-Sufficient Cyber Ai platform—Excalibur. Problem we are solving is to remove Cybersecurity as a cost center, and convert into a revenue generator. How you ask? With Excalibur, a complete suite of AI-based Offensive & Defensive security products designed to reposition human security engineers into critical positions of your company to add more value in securing the organization. The future we envision: We position ourselves to be the leaders in Ai driven security, being an AI first company with a goal to reach Artificial General Intelligence in the cyber domain gives us an unprecedented advantage. From Pentesting to SOC to Threat Modeling to Scanning to Intricate reporting and presentation, we got your back so you can make cybersecurity a revenue generator. Strategic Leadership: Spearhead overall operations, product vision, design, and engineering, guiding the company towards its mission to revolutionize the cybersecurity landscape.Innovation Management: Pioneered the development of Excalibur, a cutting-edge platform designed to perform autonomous cybersecurity operations, reducing dependency on human intervention and enhancing security efficacy.Team Building & Leadership: Recruited and led a top-tier team of professionals in AI and cybersecurity, fostering an environment of innovation and excellence.

As the Senior Red Team Lead at Expedia, I tackled the critical question: “How secure is my department?”Traditional penetration testing had lost much of its relevance, often overlooking modern security complexities. Vulnerabilities were frequently disputed using CVSS scores, causing delays, and reports were too technical for stakeholders to act on effectively.To address these gaps, I led the creation of a groundbreaking strategy:- End-to-End Threat Modeling: I designed a comprehensive methodology that evaluated people, processes, and technology across business units. A tailored questionnaire aligned with diverse threat modeling frameworks, enabling us to provide solutions customized to each unit’s architecture and unique risks.- Enhanced Risk Quantification: To overcome the shortcomings of CVSS scores, I developed a custom formula that quantified risk as a percentage (e.g., "30% of your business is insecure"). This clear metric streamlined decision-making and minimized disputes over risk assessments.- Executive-Friendly Reporting: I restructured reports to translate technical findings into concise, actionable insights. These reports bridged the gap between technical teams and executives, ensuring that all stakeholders could easily understand and act on security issues.I developed custom in-house software for Expedia (IP owned by me) that automated critical parts of the security assessment process. It streamlined questionnaire generation, generated pentesting use cases tailored to unique architectures, and produced AI-driven reports. By freeing security engineers from repetitive tasks, the software doubled the throughput of end-to-end assessments per engineer. It also neatly compiled findings and calculated a company-wide risk posture analysis, enabling holistic coverage and actionable insights.This solution transformed Expedia’s security practices, delivering clear, actionable insights and setting a new standard for enterprise security assessments.

At Nexus Infosec, I have been at the helm of driving cybersecurity excellence and innovation. My role as CEO encompasses overseeing strategic direction, leading cutting-edge security initiatives, and consulting with clients on critical cybersecurity matters. Here are some highlights:Strategic Consulting: I have been called upon by numerous organizations, both before and after cyber incidents, to provide expert guidance on best practices, risk assessment, and mitigation strategies. My proactive and reactive consulting has helped clients safeguard their digital assets and minimize operational disruptions.Crisis Management: During and after cyber attacks, I led our response teams to swiftly identify vulnerabilities, contain threats, and restore security. My hands-on approach ensured that clients could resume normal operations with confidence, armed with enhanced security measures.Innovative Solutions: I spearheaded the development of advanced security solutions tailored to our clients' unique needs, focusing on proactive threat detection, real-time monitoring, and comprehensive incident response. Our solutions have consistently exceeded industry benchmarks and client expectations.Client Relationships: I have built and nurtured strong relationships with a diverse portfolio of clients across various sectors, including finance, healthcare, and technology. My commitment to understanding their specific challenges and delivering customized solutions has earned Nexus Infosec a reputation for excellence and reliability.Leading Nexus Infosec has been an exhilarating journey of continuous learning and growth. Recently, we merged our resources and are now part of CyberAGI Inc., a cutting-edge AI-driven cybersecurity firm. CyberAGI is focused on reaching the next generation of offensive and defensive security, transforming cybersecurity from a cost center into a revenue generator.

As a Senior Red Team Specialist at SolarWinds, I was instrumental in developing a robust Red Team program following the significant cybersecurity breach. With a mandate to enhance security frameworks across one of the world's largest IT companies, my role has been critical in spearheading offensive cybersecurity initiatives to safeguard assets spread across five continents and servicing over 300,000 customers, including numerous Fortune 500 companies and federal agencies.Program Development: Conceptualized and executed the establishment of a comprehensive Red Team program, tailored to address and mitigate systemic vulnerabilities exposed by the breach.Team Leadership: Recruited, managed, and trained a cadre of elite cybersecurity professionals, enabling the execution of sophisticated phishing campaigns and penetration tests using advanced Tactics, Techniques, and Procedures (TTP).Innovative Engagement Rules: Crafted and implemented innovative Rules of Engagement that introduced continuous, multi-threaded adversarial pressures, ensuring the organization remains perpetually prepared for real-world cyber threats.Tactical Discrepancy Exploitation: Skilled in the art of recognizing and capitalizing on the tactical gaps between offensive and defensive security measures. By employing an arbitrage strategy within the Red Team framework, I facilitate a dynamic testing environment where continuous, real-world attack simulations lead to robust, actionable insights, significantly fortifying our cybersecurity posture.Strategic Security Overhaul: Successfully led the transformation of SolarWinds' security culture, integrating offensive security measures that have significantly reduced risk and enhanced system integrity.Operational Excellence: Directed numerous high-stakes security projects that tested and validated the security architecture, resulting in strengthened defenses against sophisticated cyber threats.

As an Instructor at Southern Methodist University, I leverage extensive experience from the cybersecurity industry to provide students with practical, real-world insights. My aim is to bridge the gap between academic theories and the dynamic realities of cybersecurity in corporate America, preparing students not just to understand, but to excel in the field.Practical Teaching Approach: Employ a curriculum that integrates traditional academic content with real-world case studies and my own professional experiences to provide students with a holistic understanding of cybersecurity.Student Engagement and Mentorship: Actively engage with students through lectures, labs, and personal mentorship, focusing on applying theoretical knowledge to practical scenarios they are likely to encounter in their careers.Curriculum Development: Contribute to curriculum development by updating course materials to include the latest cybersecurity trends, technologies, and best practices, ensuring that the educational content remains current and relevant.Problem Solving and Support: Provide continuous support and guidance to students, helping them navigate complex cybersecurity problems and encouraging critical thinking and innovative solutions.Enhanced Employability: Successfully mentored numerous students who have gone on to secure positions in top-tier cybersecurity roles, armed with the practical skills and understanding necessary to thrive.Curriculum Innovation: Revamped several course modules to better align with contemporary cybersecurity challenges, significantly increasing student engagement and comprehension.

•Created awesome cybersecurity videos ranging from offensive Red Team engagements to Blue Team arsenal setup.• Live on Twitch - https://www.twitch.tv/infosecbro• Available on Youtube - https://www.youtube.com/channel/UCOwltphUp6OgdkTK6DEKryg• Document Blogs at - https://cyber.shubhamkhichi.com/

Grab a cold one and enjoy a relaxed security-focused podcast with my co-host Sunny, where we interview and discuss important topics with top-notch professionals in the cyber community. Listen to the podcast on Spotify - https://open.spotify.com/show/57oHl7fMPrawp3CDFpn3M4

As a Security Researcher at HackerOne, my expertise spans comprehensive vulnerability analysis, exploit development, and reversing of complex malware and ransomware. My work directly contributes to fortifying web applications and operating systems against emerging security threats, ensuring robust protection for a wide range of corporate clients.Vulnerability Research and Exploitation: Skilled in identifying and exploiting a variety of security vulnerabilities, including XSS, CSRF, IDOR, and SQL Injection, using advanced tools like Burp Suite Pro to analyze and secure web applications.Malware and Ransomware Analysis: Analyzed and reverse-engineered well-known ransomware and malware to determine exploit functionality and assess business impact, enhancing our understanding of attacker methodologies and defense strategies.Security Testing: Conducted detailed security testing, creating comprehensive test cases for both manual and automated tests, meticulously documenting findings and reporting issues for systematic follow-up.Proof of Concept Development: Developed clear and concise Proof of Concept reports demonstrating how systems can be compromised, effectively communicating risks and remediation strategies to IT stakeholders.Exploit Development: Demonstrated proficiency in exploit development, customizing exploits to bypass system and sandbox protections, thereby highlighting critical security gaps.Privilege Escalation: Experienced in performing privilege escalation by exploiting operating system vulnerabilities within both Linux and Windows environments.Security Framework Proficiency: Well-versed in the Cyber Kill Chain model and the OWASP Top-10 framework, applying these methodologies to enhance our security posture systematically.

As an Undergraduate Research Fellow, I have honed my skills in academic research with a focus on supply chain management, gaining extensive experience in data collection, analysis, and the academic publication process. My work has involved deep engagement with industry professionals and contributed to significant research findings, impacting how industries optimize their supply chains.Industry-Wide Data Collection: Conducted interviews with Supply Chain managers across 98 industries, gathering valuable data to understand diverse supply chain dynamics.Advanced Data Analysis: Utilized the PLS-SEM method, including exploratory factor analysis, to analyze collected data, leading to meaningful insights that contributed significantly to our research objectives.Academic Contribution: Played a crucial role in preparing research findings for publication, ensuring compliance with journal submission criteria and contributing to the academic discourse on supply chain management.Literature Review and Research Expansion: Conducted comprehensive academic literature reviews and explored potential research ideas, which helped in broadening the scope of our study and enhancing the depth of our analysis.Research Paper Drafting: Acquired experience in drafting the final version of research papers, mastering the art of presenting complex research findings in a manner suitable for academic dissemination.

• Promoted to team captain within 20 months of employment based on leadership and management skills as a Data Analyst at UTArlington.• Devised training material for a diverse team of 15 highly skilled employees.• Analyzed the strengths and weaknesses of employees and delegated tasks enhancing their leadership.• Undertook various projects about the university admission growth and executed with incredible detail, in a time-bound manner.• Understood and listened to the needs and requirements of the team and came up with effective solutions.

• Undertook various tasks of inputting various demographic and academic data of the student population.• Improvised leadership and planning skills.• Indulged in intensive teamwork and which calibrated me to take higher responsibilities at the workspace.

• Promoted to Regional Marketing Intern within 5 months of employment based on the leadership skills as a Mozilla University Ambassador• Executing successful marketing campaigns in various universities in the United States.• Enhanced recruiting and interviewing skills by hiring students on board with Mozilla Firefox• Targeted both offline and online consumers by designing a multi-pronged marketing strategy.

• Collaborated with Mozilla’s Engagement Department to design and implement an acquisition program at the UT Arlington for the launch of Firefox iOS and Private Browsing with Tracking Protection.• Managed a team of 3 and via multiple successful marketing events, obtained 8000 browser & mobile downloads • Engaged with student organizations and administrative departments to amplify Mozilla’s brand awareness and increased product adoption.