Intro

Collaborative Incident Responder with the ability to partner with executive teams to define and develop solutions.

Experienced security professional with a successful track record of delivering consulting services in the areas of incident response, cyber readiness and digital forensics, with direct experience inside the public, financial and retail sectors. Solid ability to create cross-functional partnerships to drive effectiveness.

I started hacking at a very young age and managed to stay out of trouble...

Work

"Every Contact Leaves a Trace" - Edmond Locard

My ongoing projects

Parsing forensic host data into Elastic

To get more info about my ongoing projects, please visit my GitHub :)

A sanitized war story of an incident responder in the trenches

Identities have been changed to protect the client's privacy

"$600 million gone. Just... gone."

That's how my Thursday began at 4am, with a trembling voice on the other end of the phone. "Hi... it's Kartik from IBFC. We've been trying to handle this internally for the past few hours but... we're in over our heads."

As I booted up my laptop, Kartik explained between coffee sips how their blockchain validators had been acting strange for days. It wasn't until a routine audit that they realized the horrifying truth - someone had been silently draining their cross-chain bridges, transaction by transaction.

Initial investigation revealed the attacker had managed to obtain access to five validator private keys - four from the organization's validators and one from a third party. The compromise wasn't detected for six days, during which the attacker orchestrated withdrawals through a complex series of transactions involving multiple chains and DEXs.

Working with blockchain forensics firms and law enforcement, we traced the flow of funds across multiple chains. The attacker had attempted to use various mixing services and cross-chain bridges to obscure the trail, but their patterns started emerging.

72 hours of non-stop investigation later, we had mapped the complete attack chain: a spear-phishing campaign targeting DevOps engineers led to compromised credentials, which were used to extract the validator private keys from a cloud service.

The incident resulted in significant changes to the organization's validator key management system, including implementation of a more robust MPC-based signing system and enhanced monitoring for suspicious validator behavior.

Sometimes the biggest incidents start with a simple phone call at 4am. But this one? This one would change the way we think about cross-chain security forever.

About

Security Operations Center

With over a decade of experience in cybersecurity, I specialize in enterprise-scale incident response and digital forensics across both traditional and blockchain environments.

Enterprise Security

  • Large-scale forensics hunting across distributed environments
  • Cloud-native incident response and threat detection
  • Processing billions of telemetry points from cloud workloads to endpoints
  • Enterprise endpoint detection and response at scale

Blockchain Security

  • Cross-chain bridge security assessments
  • Smart contract incident response
  • Validator infrastructure security
  • Blockchain forensics and transaction tracing

Currently partnering with Fortune 500 companies and major DeFi protocols to enhance their security posture, incident response capabilities, and forensic readiness.

"Security at scale isn't about having all the answers - it's about asking the right questions across petabytes of data."
