Vaibhav Krishna

AI Researcher

Hyderabad, Telangana, India · 8 yrs 3 mos experience

Key Highlights

  • Proficient in threat hunting and incident response.
  • Expertise in using Splunk for security monitoring.
  • Experience with APT threat actors and MITRE ATT&CK framework.

Skills

Core Skills

Cybersecurity, Incident Response, Cyber Threat Intelligence (CTI), Threat Detection

Other Skills

AWS GuardDuty, Azure Security, Cyber Security Analyst, Cybersecurity Incident Response, Cypher Query Language, Detection Logic Creation, Email Security, Firewalls, HTML, IDS, IPS, Investigation, Kusto Query Language (KQL), Log Analysis, MITRE ATT&CK

About

Cyber Security Analyst with demonstrated agile experience in triaging security incidents with the relevant teams and proactively hunting threats based on threat intelligence and hypothesis-driven hunting scenarios. Experience in analyzing logs generated by both endpoints and network devices (firewall, IDS/IPS, DNS, Bluecoat proxy and antivirus logs) using Splunk Enterprise Security, creating correlation rules and fine-tuning false positives for effective SOC monitoring. Hunting TTPs of APT groups and mapping them to the MITRE ATT&CK framework, then performing gap analysis for the identified tactics followed by creation of detection logic. Experience in Symantec EDR for proactively hunting suspicious events based on MITRE-defined TTPs. Experience in analyzing alerts generated by the Microsoft Threat Protection suite (MDATP, AATP, O365 ATP, MCAS) and performing in-depth analysis by writing KQL queries. Analyzing alerts and incidents generated by cloud hosts with the help of AWS GuardDuty and Azure Security Center. Curating industry-specific threat intelligence with Recorded Future as well as open-source tools and proactively mitigating upcoming threats. Experience in hunting four live APT actors and identifying potential IOCs. Mitigated security breaches by proactively hunting threat actors, especially ransomware attackers.

Experience

Microsoft

2 roles

Threat Researcher II

Jul 2023 – Present · 2 yrs 8 mos · Hyderabad, Telangana, India

Threat Researcher

Oct 2021 – Jun 2023 · 1 yr 8 mos · Hyderabad, Telangana, India

Salesforce

Cyber Security Analyst

May 2021 – Oct 2021 · 5 mos · Hyderabad, Telangana, India

Cyber Security Analyst, Threat Intelligence, Incident Response, Cybersecurity

Goldman Sachs

Cyber Security Analyst

Oct 2020 – May 2021 · 7 mos · Bengaluru, Karnataka, India

Tata Consultancy Services

Cyber Security Analyst

Nov 2017 – Oct 2020 · 2 yrs 11 mos · Bengaluru, Karnataka, India

  • Triaging security incidents generated by Splunk from detection to response in an agile environment.
  • Analyzing security events generated by DNS, IDS/IPS, antivirus and Bluecoat proxy.
  • Creating correlation rules in Splunk for detecting various attack patterns.
  • Fine-tuning correlation rules by eliminating false positives.
  • Conducting purple team assessments to understand the scope of detection coverage.
  • Experience in analyzing security events triggered by EDR solutions (MDATP and Symantec EDR) and cloud security solutions (Azure Security Center and AWS GuardDuty).
  • Hunting TTPs of APT groups and mapping them to the MITRE ATT&CK framework.
  • Creating heat maps of detection coverage with reference to the MITRE ATT&CK framework.
  • Performing gap analysis for the identified tactics, followed by creation of detection logic using Symantec EDR and the Microsoft Threat Protection suite (MDATP, AATP, O365 ATP, MCAS).
  • Creating advanced hunting rules using MDATP KQL queries.
  • Conducting OSINT analysis on the latest attack trends to obtain IOCs by writing advanced queries in Recorded Future and other open-source tools.
  • Analyzing email security events generated by Microsoft Office 365 ATP.
  • Creating Standard Operating Procedure (SOP) documents per security incident type.
  • Preparing weekly reports covering the latest findings of the week.
  • Documenting use cases with proper testing and recommendations.
  • Experience in hunting live APT actors and identifying potential IOCs.
  • Mitigated security breaches by proactively hunting threat actors, especially ransomware attackers.
  • Experience with ticketing tools such as ServiceNow and Remedy9.

Splunk, Symantec EDR, Microsoft Threat Protection, Azure Security, AWS GuardDuty, Cybersecurity

Education

Shanmugha Arts, Science, Technology and Research Academy

Bachelor's degree

Jan 2013 – Jan 2017
