Technical Research_Output

Implementation of a multi-layered network defense strategy incorporating automated perimeter securit

Implementation of a multi-layered network defense strategy incorporating automated perimeter security and zone-based segmentation.

A comprehensive implementation of Zero-Trust principles across a hybrid enterprise environment, movi

A comprehensive implementation of Zero-Trust principles across a hybrid enterprise environment, moving away from perimeter-based security to identity-aware micro-segmentation.

A comprehensive security assessment of a financial web portal, identifying critical vulnerabilities

A comprehensive security assessment of a financial web portal, identifying critical vulnerabilities and implementing robust mitigations.

Security assessment and hardening of high-volume financial APIs, implementing strict OAuth 2.0 flows

Security assessment and hardening of high-volume financial APIs, implementing strict OAuth 2.0 flows, rate limiting, and input validation to prevent BOLA/BFLA attacks.

Conducted a full-scope Red Team operation against a digital bank, simulating an APT group. Successfu

Conducted a full-scope Red Team operation against a digital bank, simulating an APT group. Successfully compromised domain controllers via spear-phishing and lateral movement.

Simulated adversary attack against a corporate infrastructure to identify hidden attack vectors and

Simulated adversary attack against a corporate infrastructure to identify hidden attack vectors and systemic weaknesses.

Developed and tested automated SOAR playbooks for rapid containment of ransomware outbreaks, reducin

Developed and tested automated SOAR playbooks for rapid containment of ransomware outbreaks, reducing mean time to isolate (MTTI) by 85%.

Deployment and tuning of a Security Information and Event Management (SIEM) system for real-time thr

Deployment and tuning of a Security Information and Event Management (SIEM) system for real-time threat detection and incident response.

Created custom Volatility 3 plugins to detect modern DKOM (Direct Kernel Object Manipulation) techni

Created custom Volatility 3 plugins to detect modern DKOM (Direct Kernel Object Manipulation) techniques used by sophisticated rootkits in Windows memory dumps.

Technical analysis of compromised host systems to reconstruct attack timelines and identify the root

Technical analysis of compromised host systems to reconstruct attack timelines and identify the root cause of the breach.

Implementation of an Information Security Management System (ISMS) aligned with international standa

Implementation of an Information Security Management System (ISMS) aligned with international standards and regulatory requirements.

Led the gap analysis and remediation strategy for a SaaS provider to achieve ISO 27001 certification

Led the gap analysis and remediation strategy for a SaaS provider to achieve ISO 27001 certification, establishing a robust Information Security Management System (ISMS).

Architecting a secure-by-default cloud deployment pipeline with automated security scanning and immu

Architecting a secure-by-default cloud deployment pipeline with automated security scanning and immutable infrastructure.

Designed a security framework for serverless architectures, implementing least-privilege IAM roles,

Designed a security framework for serverless architectures, implementing least-privilege IAM roles, automated dependency scanning, and runtime protection for Lambda functions.