Darshan Rana

Associate Partner

Bengaluru, Karnataka, India7 yrs 7 mos experience

Key Highlights

Expert in proactive threat hunting and malware analysis.
Presented at international conferences on digital forensics.
Skilled in developing detection strategies for diverse platforms.

Stackforce AI infers this person is a Cybersecurity expert specializing in threat research and malware analysis.

Contact

Skills

Core Skills

Cyber Threat Intelligence (cti)Cyber Threat Hunting (cth)Threat HuntingDetection EngineeringThreat IntelligenceMalware AnalysisDigital ForensicsMalware Detection

Other Skills

Android Application PentestingCC++Computer ForensicsComputer ScienceCustomer ServiceCyber DefenseCyber-securityCybercrime InvestigationData AnalysisData PresentationEnCaseForensic Toolkit (FTK)Incident ResponseKali Linux

About

Darshan Rana currently working for VMware, Pune as a Threat Research Engineer. however, his work responsibilities are to deal with proactive threat hunting and to work on EDR where he's working on EDR Rule, watchlist and alert investigations. Prior to that he was working with Mindtree Ltd. as a Senior Malware Researcher. where he's dealing with cross platform malware, PE and Non-PE File analysis and add appropriate Detection to Detect Future Malware. He has worked with Network Intelligence (I) Pvt. Ltd. as a Cyber security Analyst (Threat Analyst) focusing on Malware Analysis, Cyber Crime investigation, and Email Forensics. His fields of interest include Threat Research, Threat Hunting, malware analysis, reverse engineering, Digital Forensics, memory forensics, and threat intelligence. He has presented at International Conference INFORESECON 2017 and NullMumbai on various topics which include Dissecting of The Amnesic Incognito Live System, Forensic Analysis of Windows Server 2012, memory forensics, malware analysis. He has conducted training sessions at NullMumbai. #Malware #Hunting #Windows_Malware #Android_Malware #IOS_Malware #Mac_Malware #Linux _Malware #Mumbai #Hyderabad #Memory_Forensics #Malware_Hunting #Reverse_Engineering

Experience

Dell technologies

Threat Intelligence Lead

May 2024 – May 2025 · 1 yr · Dubai, United Arab Emirates · On-site

Leading a diverse team and spearheading organizational threat research initiatives to strengthen proactive security posture.
Skilled in OSINT and CSINT, with hands-on experience leveraging Cyble Vision for real-time threat monitoring, advanced analytics, and actionable intelligence.
Experienced in malware and anomaly research using industry-standard frameworks including MITRE ATT&CK, Cyber Kill Chain, and the Threat Intelligence Life Cycle.
Manage deployment and customization of MISP (Malware Information Sharing Platform), integrating custom feeds and ensuring effective malware data sharing across teams.
Conduct adversarial malware hunting to analyze technical capabilities, TTPs (Tactics, Techniques, and Procedures), and threat actor behaviors.
Produce comprehensive Threat Intelligence reports for organizational stakeholders and security teams.
Skilled in utilizing IBM QRadar, Splunk, and SentinelOne EDR to enhance threat detection, support hunting activities, and design prevention strategies.
Develop and implement detection and prevention methodologies to address evolving cyber threats and produce actionable insights into the global threat landscape.

Cyber Threat Intelligence (CTI)Cyber Threat Hunting (CTH)Research and Development (R&D)Incident Response

Vmware carbon black

2 roles

Senior Threat Research Engineer (MTS 3)

Aug 2023 – Apr 2024 · 8 mos · Pune, Maharashtra, India

PROJECT: CARBON BLACK (Threat Research And Detection Engineering)
WORKING RESPONSIBILITIES:
Applied Research on Proactive Threats campaign
Detection Engineering - writing a Detection and Prevention rules to the CB product
Identify the Active Malware/Threat Campaign
Produce a threat landscape investigation report
Perform Threat Hunting and Threat Intelligence
Develop detection and prevention measures.
Perform hunting for malicious activity across the network and digital
assets.
Utilize a standardized procedure and structure, such as the MITRE
ATT&CK framework, Cyber Kill Chain, and Threat Intelligence Life
Cycle, to conduct malware hunting.
MITRE EVAL - Analyze malware from adversaries technical capabilities and Tactics,
Techniques, and Procedures (TTP) methods of implementation.
Perform AVC and AVT Test for Carbon Black Product
Working on Cross platform threats such as (Windows, Linux, Mac, Android)

Threat Research Engineer (MTS 2)

Aug 2021 – Aug 2023 · 2 yrs · Pune, Maharashtra, India

PROJECT: CARBON BLACK (Threat Research)
Carbon Black is an endpoint Security tool that provides the real time
monitoring and various malware protection.
WORKING RESPONSIBILITIES:
Identify the Active Malware/Threat Campaign
produce a threat landscape investigation report
Perform Threat Hunting and Threat Intelligence
Develop detection and prevention measures.
Perform hunting for malicious activity across the network and digital
assets.
Utilize a standardized procedure and structure, such as the MITRE
ATT&CK framework, Cyber Kill Chain, and Threat Intelligence Life
Cycle, to conduct malware hunting.
Analyze malware from adversaries technical capabilities and Tactics,
Techniques, and Procedures (TTP) methods of implementation.
Perform AVC and AVT Test for Carbon Black Product
MITRE Evaluation

Mindtree

Senior Malware Researcher

Sep 2019 – Aug 2021 · 1 yr 11 mos · Greater Hyderabad Area

PROJECT: MICROSOFT (Malware/Threat Research)
Microsoft Defender is an anti-malware component of Windows OS and
Microsoft Defender ATP is anti-malware component for MAC OS.
WORKING RESPONSIBILITIES:
Determine the current malware or threat campaign.
prepare a report on the threats landscape.
Perform Threat Hunting and Threat Intelligence
Create strategies for detection and prevention.
Perform static and dynamic analysis on different malware platforms.
Assemble the necessary indicators of a compromise and prepare generic
detection coverage
Email Analysis – Spam and Phishing mail analysis, Attachment Analysis,
Email header analysis
Identify potential malicious activity from memory dumps, logs, and
packet captures

Network intelligence

Threat Analyst

Jul 2018 – Aug 2019 · 1 yr 1 mo · Mumbai Area, India

PROJECT: COFENSE (Digital Forensics and Malware Detection)
Cofense is an international project, which helps to strengthen defenses and
gather real-time attack intelligence to stop attacks in progress.
PROJECT: DIGITAL FORENSICS
Disk Imaging through Forensics Imager tools such as FTK imager, Encase
Imager, DumpIt, Belkasoft and perform Forensic Investigation Filesystem
analysis, Timeline Analysis, Keyword/Grep Search, Web Artifacts, Registry,
Email Analysis, Hash Set Filtering & Memory/Malware Analysis.
WORKING RESPONSIBILITIES:
Email Analysis – Spam and Phishing mail analysis, Attachment Analysis,
Email header analysis
Malware Research/Malware Hunting
Prepare Generic YARA detection coverage
Identify the Active Malware/Threat Campaign
Develop detection and prevention measures.
Analysis of forensics artifacts to identify the root cause and indicators of
compromise (IOC) using forensics tools
Security Operation (Identify the malicious and suspicious event)

Creative infotech pvt ltd

Cyber Forensics Expert

Mar 2018 – May 2018 · 2 mos · Ahmedabad Area, India

Directorate of forensics science (dfs) , gandhinagar

Intern

Jan 2017 – Jan 2017 · 0 mo · Gandhinagar,Gujarat, India

Worked as an intern in the Cyber Forensics Department assisting the investigators in analysis of digital devices used during criminal activities. Hands on practice of various tools and technology related to digital forensics such as FTK, ENCASE, UFED, AUTOPSY and MIDAS MONITOR. Internship also included report writing and documentation of extracted digital evidences with respect to the assigned case.