Subhash P. — DevOps Manager
I'm Subhash Popuri, a threat hunter, an incident responder, hobbyist CTI analyst and a security researcher who loves to solve complex problems. On a daily basis, I work on the following things: * Red Teaming: * - Red Teaming assessment of Client's Infrastructure through Adversary simulation. - Adversary simulation by following all Cyber Kill chain phases like Enumeration, Initial Compromise, Privilege Escalation, Internal Recon & Data Exfiltration. - Conduct cyber security red team assessments and mapping findings to frameworks like NIST and MITRE. - Automate several phases of enumeration and exploitation. - Physical Intrusion assessment at Client's Offices - Assessing Blue team's capability to stop a real world adversary and reporting findings in a presentable and actionable manner. - Researching and staying up-to-date with new security vulnerabilities and new TTPs of exploitation. * Blue Teaming: * - Forensic Investigation of small to mid scale cyber security incidents for top banks and organizations in the country. - Assisting in large scale Incident response to top-notch firms. - Designing of playbooks for automating Threat hunting process through the integration of IOC and IOA. - Occasional threat intel research by mixing OSINT (Open source Intelligence recon) techniques for identifying recent TTPs leveraged by advanced threat actors. - Threat identification and mitigation by analyzing existing client setup and suggesting relevant changes. - Developing tools like Ransomware simulator, Attack simulators, C2 frameworks leveraging lesser known techniques for blue teams to test their existing detection mechanism's efficacy against advanced and lesser known techniques. Apart from work, I spend my most of my free time with Research on ML and Data Science for better Cyber security detection, Movies and Travelling. I've been privileged to work with many world renowned security teams like Google, Facebook, Twitter, Microsoft, Dell, Cisco among many others as a part of their bug bounty /responsible disclosure programs. I'm fortunate enough to have helped the USA.GOV security staff about potential security vulnerabilities way before their responsible disclosure program was announced. I'm open to pro-bono consulting and helping people within my legal capacity. If you want to get in touch with me, spare an INMAIL, I can be reached via e-mail at pbssubhash[@]gmail.com (Please remove "[]" ).
Stackforce AI infers this person is a Cybersecurity Specialist with expertise in threat hunting and incident response.
Location: Hyderabad, Telangana, India
Experience: 10 yrs 1 mo
Career Highlights
- Expert in Red and Blue Teaming strategies.
- Extensive experience with top tech companies' security teams.
- Pro-bono consulting for cybersecurity vulnerabilities.
Work Experience
Microsoft
Senior Security Researcher (1 yr 7 mos)
Security Researcher (5 mos)
Cyber Threat Hunter @ MSRC Threat Hunting Team (1 yr 6 mos)
EY
Senior Cyber Security Consultant (7 mos)
Cyber Security Consultant (1 yr 1 mo)
PwC India
Cyber Security Consultant (1 yr 9 mos)
Primeauth
Founder (10 mos)
Student Entrepreneur (1 yr 11 mos)
Synack Red Team
Security Researcher (2 yrs 3 mos)
Defencely
Mobile Application Security Researcher Intern (1 mo)
Education
Masters of Technology at BITS Pilani Work Integrated Learning Programmes
Advanced Certification in AI & ML at IIIT Hyderabad
2018-Cohort; Advisory Track at Startup School Online
Bachelor's Degree at Anurag Group of Institutions
Intermediate - 12 th class Degree. at Narayana Junior College
10th Class at Sandeepam Vidyalaya High School
