This document is a resume for Dhishant Abrol summarizing his professional experience and qualifications. He has over 6 years of experience in information and network security, currently working as a Security Researcher. Previous roles include managing security operations centers and security architectures for clients. He has various technical certifications and skills in areas like vulnerability assessment, malware analysis, compliance, and security tools.
This webinar is primarily intended for those that are in need of an informational overview on how to respond to information security incidents or have a responsibility for doing so. It will also assist with your preparation for a Computer Security Incident Handling certification.
Application Security Architecture and Threat Modelling - Priyanka Aash
95% of attacks are against “Web Servers and Web Applications”
Security Architecture and SDLC
3 Tier – Web App Architecture
Would you trust the code?
Traditional SDLC
Secure SDLC
SAST vs. DAST
A military concept now applied to cybersecurity, "the cyber kill chain" was developed by Lockheed Martin in 2011. It describes the phases an adversary will follow to target an organization. There are 7 well-defined phases, and the attack is considered successful if/when all phases have been carried out.
(DOCUMENT IN ENGLISH)
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk - Andrew Gerber
As threats evolve, it is essential to move beyond looking at events toward developing behavioral analysis capabilities. Knowing not only the components but also the rhythms of your environment becomes crucial to enable earlier detection of attackers. This session will review the threat and risk landscape today, recommend approaches to bolster your security control monitoring, apply situational awareness and kill chain techniques, and walk through the construction of two specific use cases. They are 1) detecting compromised accounts via remote access behavior analysis and 2) detecting malicious activity (attacker or insider) by detecting and tracing network jumpers from corporate to guest networks. The session will discuss the design approach and searches used in these two use cases so that you can build other use cases to improve your security capability and posture.
Latest Challenges in the Field of Cybersecurity: Analysis of Cyber... - Cristian Garcia G.
This presentation aims to analyze online threat vectors, such as email-based attacks, web platforms, social networks, social engineering, and botnets, as well as offline threat vectors, such as USB vulnerabilities and electromagnetic emanations. It also covers zero-day vulnerabilities and the largest breaches disclosed by the company; against this background, it presents measures to protect data and fight cybercrime.
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
The Incident Response Playbook for Android and iOS - Priyanka Aash
What is your mobile device incident response plan? If you cannot answer that question, you should attend this session. The session will cover the challenges in mobile, how and why it is different from traditional incident response, and the building blocks you can use to craft your own mobile incident response plan.
(Source: RSA USA 2016-San Francisco)
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur - Skybox Security
Presented at ISSA Cornerstones of Trust June 6, 2012.
No one wants to be the next cyber casualty. Collectively, organizations spend an enormous amount of resources deploying and managing security solutions to block malware, protect data, and keep critical business services operating.
Yet most organizations remain inadequately protected against evolving and dangerous cyber threats. In this session, we will learn to recognize common network attack scenarios and mitigate the combination of misconfigurations, vulnerabilities, access policy violations and other security gaps that can be exploited by sophisticated attackers.
High-profile breaches at Epsilon, Sony, and other enterprise and government networks have dominated the news lately, raising awareness of the need to design effective security strategies against sophisticated attacks and advanced persistent threats (APTs). Many companies struggle with where to begin to develop an effective plan of cyber defense.
During this session we will walk the audience through several attack scenarios using a visual attack explorer tool, highlighting the combination of security gaps that are often used and how to prevent them. Network modeling, vulnerability analysis, access path analysis, and attack simulation will all be introduced and we will show how these analytical tools can be used to quickly and automatically find exposed areas of a network.
Next Generation Defense in Depth Model - Tari Schreider, CCISO, Chief Cybers... - EC-Council
This session will focus on presenting a next generation defense in depth model and answer the question on many CISO’s minds - is it still relevant? A model of defense in depth will serve as a backdrop to introduce you to a wide range of solutions from across the cybersecurity-industrial complex that just may change how you view your defense in depth approach.
Proactive cyber defence through adversary emulation for improving your securi... - idsecconf
Organizations use an Adversary Emulation plan to develop an attack emulation and/or simulation and execute it against enterprise infrastructure. These activities leverage real-world attacks and TTPs by threat actors, so you can identify and find the gaps in your defense before the real adversary attacks your infrastructure. Adversary Emulation also helps the security team get more visibility into their environment. Perform Adversary Emulation continuously to strengthen and improve your defense over time.
Understanding The Security Vendor Landscape Using the Cyber Defense Matrix (R... - Sounil Yu
The Cyber Defense Matrix enables organizations to define clear categories for the range of products and services that are available in the marketplace to solve our various infosec problems. This model removes confusion around the security technologies that we buy and helps organizations align their vendors to have the right suite of capabilities to execute their information security mission.
See the 2019 version at: http://bit.ly/cyberdefensematrixreloaded
See the 2022 version at: http://bit.ly/cyberdefensematrixrevolutions
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ... - James Anderson
Are Cybersecurity threats increasing? Learn about protecting your business with a security program and understanding ransomware threats. Join us as Google's Biodun Awojobi and Wade Walters join us to discuss "Security Programs and Ransomware in the Cloud." We expect to have additional Cybersecurity events in future to cover security posture, Zero Trust, Google's Cybersecurity products & more!
#cybersecurity #ransomware #google #gdg #gdgcloudsouthlake
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin - Splunk
Splunk for Security Workshop
Join our Splunk Security Experts and learn how to use Splunk Enterprise in a live, hands-on incident investigation session. We'll use Splunk to disrupt an adversary's Kill Chain by finding the Actions on Intent, Exploitation Methods, and Reconnaissance Tactics used against a simulated organization. Data investigated will include threat list intelligence feeds, endpoint activity logs, e-mail logs, and web access logs. This session is a must for all security experts! Please bring your laptop as this is a hands-on session.
Postural awareness is the work that Pilar Domínguez offers day after day in her centers, which teach classes in the preventive and palliative body mechanics that she herself created and that is helping sports professionals and, more importantly, ordinary people. Her work centers on constant postural correction and awareness with students and with patients referred by health professionals.
Phuket Overview
• Phuket has the highest number of tourists in the Southern tourism region
• Phuket has four maritime ports and yacht marinas on its northeastern coast that can serve tourists accessing islands in Phang Nga Bay and offshore from Krabi which means Phuket is at the forefront in the Andaman Sea region in promoting resorts for the yachting circle
• Phuket is a center for sailing competitions with major regattas, such as the Phuket King’s Cup Regatta, being held every year
• Small and medium enterprises (SMEs) in Phuket have been growing tremendously. Aside from boosting income and attracting more tourists, the SMEs also help to expand the economy resulting in brisk exchanges, the creation of jobs and increased spending.
ANECPLA Official Magazine: Infoplagas. No. 51, JUN 2013 - ANECPLA
Introduction of our director general Milagros Fernández, as well as interviews with industry professionals, summaries of conferences our association attends, and the training we offer.
Topics:
Pest control.
ANECPLA training offerings.
ANECPLA conferences and meetings.
Dear Sir/Madam,
Our Company ISISO is the producer of (Chillers and Heat Pump, Water Cooling Towers, Cooling Air Conditioning Systems, Mechatronic Designs) and we would like to make our company and its products known to you. Enclosed is a brochure which gives you general information about our products. If you are interested, please visit our web site (www.isisosogutma.com.tr) or contact us (info@isisosogutma.com.tr). We will be happy to send you any further information. We may be available in the near future to discuss the subject with you as well.
Thanking for your kind interest
Best Regards
You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response, detecting, preventing threats. And most importantly, having your security team serve your business and mission. Learn how to organize your security resources to get the best benefit. See a live demonstration of operationalizing those resources so your security teams can do more for your organization.
Cybersecurity threats are also evolving with advances in technology. As technology advances, so do the methods and techniques used by cybercriminals to breach security systems and steal sensitive information.
Top encryption tools like McAfee are popular among business users. McAfee provides full disk encryption for desktops, laptops, and servers. The algorithm uses Advanced Encryption Standard(AES) with 256-bit keys. McAfee AES is certified by US Federal Information Processing Standard. There is also ready integration of multi-layer authentication.
As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats on the internet, protecting all your users within minutes.
Cisco Advanced Malware Protection offers global threat intelligence, advanced sandboxing and real-time malware blocking to prevent breaches while it continuously analyzes file activity across your network, so that you can quickly detect, contain and remove advanced malware.
Presentation of Cisco Security Architecture and Solutions such as Cisco Advanced Malware Protection (AMP) and Cisco Umbrella during Simplex-Cisco Technology Session that took place at the Londa Hotel in Limassol on 14 March 2018.
Talk from the event "Cybersecurity: the new era in incident response and data auditing"
Jim Butterworth - Senior Cybersecurity Director Guidance Software Inc.
Brasília, August 4, 2010
DHISHANT ABROL
Email: dhishant@outlook.com
Contact No.:+91-9811787372
Objective:
To achieve the high standards of being the best among all, through hard work, positive
attitude and dedication and to be placed in an organization which sets high standards
for itself and gives me an opportunity to achieve my goal.
Summary:
I have 6+ Years of dedicated experience in the field of Information/Network Security.
Currently working in Cyber Intelligence Center of a US based client as Security
Researcher. Here leading a team of CSIRT (Cyber Security Incident response Team) to
handle major incidents and escalations. Also managing Vulnerability
Assessment/Penetration Testing (Based on OWASP Top 10) of Web Applications and
Network. Performing Malware Analysis, DDoS Prevention, analyzing various threats.
Managing Compliance and performing Risk Assessment & threat intelligence of client
network for the latest security threats. Performing Internal Auditing based on
(ISO27001, PCI-DSS/HIPAA) and delivering security awareness trainings.
Academic Qualifications:
B.TECH (Electronics Communication) from VIVEKANAND (V.I.T.S) ENGINEERING
COLLEGE, JINDAL NAGAR, GHAZIABAD in 2010 Secured 65.20%
12th from C.B.S.E Board, in 2006. DAV PUBLIC SCHOOL, DELHI Secured 72.40%
10th from C.B.S.E Board in 2004, PLATO PUBLIC SCHOOL, DELHI Secured 75.20%
Certifications:
Cisco Certified Network Associate (CCNA)
ITIL V3 Foundation
Certified Ethical Hacker V9
Cambridge Certified Security Associate
ISO 27001 Lead Auditor
Qualys Guard Vulnerability Management Specialist
McAfee ePO 4.6
McAfee FoundStone 6.0
Airtight Certified Wireless Security Administrator(ACWSA)
Websense Web Security Gateway & Data Loss Prevention 7.7.3
Tools, Technologies and Skills:
IDS/IPS: SNORT, IBM Proventia, Cisco Sourcefire.
Web Security - Websense, Cisco IronPort, Barracuda, Bluecoat Content Filter.
Auditing: ISO27001, PCI-DSS, HIPAA
Microsoft technologies: AD, ADFS, LDAP, Windows PKI, SharePoint, WSUS.
Antivirus – McAfee ePO, SEPM, Trend Micro, FEP, SCEP.
Data Loss prevention – Websense, Symantec & McAfee.
SIEM: HP-ArcSight, IBM-Q-radar, RSA Envision.
Compliance - Symantec ESM & Control Compliance Suite.
Vulnerability Assessment/PT: Nessus, Qualysguard, Nexpose, McAfee FoundStone &
Metasploit
Process Skills: Information Security Management System, BCP/DR Planning.
DDoS attack: UDP/ICMP Flood, SYN Flood, HTTP Get Flood, TCP Connection Attack,
TCP Flag-based Attacks
Monitoring: BMC Remedy, Site Scope.
Honeypots: - Database Honeypots (Elastic honey), Web honeypots (Glastopf, Shadow
Daemon, Google Hack Honeypot), Service Honeypots (Kippo, troje), Deployment
(Dionaea, honeypotpi).
Cryptography: Encryption Algorithms, Digital Signature, Deploying PKI.
Malware Analysis: Process Explorer, Process Monitor, Net witness.
VPN: IPSEC, PPTP, L2TP, Open VPN
Virtualization: VMWARE & VMWARE ESXI
Cyber Forensic tools: Encase, PTK Forensics, FTK, X-Way Forensics, Backlight.
Network Tools: Snort, hping, tcpdump, Ethereal (packet analyzer), Wireshark, NMAP.
Protocols: - TCP/IP, UDP, HTTP, HTTPS, GRE, SMTP, DNS, BGP, OSPF, IGRP, EIGRP, SSL,
DHCP, FTP.
Experience Details:
HCL Technologies || 22-06-2015 to Present ||Security Researcher
Enterprise security architectures and security components that implement these
architectures including SIEM, DLP, IAM and leading security products.
Q radar administration for configuration and developing correlation rules for
different devices.
Enterprise network architectures, topologies and components that implement these
networks including TCP/IP, firewalls, proxies, and routers.
Client/server architectures and, server and end point component and technologies
including Linux and Microsoft servers, computers, and mobile devices.
Conduct open-source and classified research on emerging/trending threats and
vulnerabilities.
Deploying, managing McAfee ePO, and McAfee HDLP for the entire world.
Setup different types of honeypots to collect malware samples.
Create finished, all-source intelligence assessments for inclusion in various Agency
and IC intelligence products.
Performs analysis related to the detection, characterization, monitoring and
warning of suspected unauthorized network activity and relationships that may
pose a threat.
Initiates projects and plans leveraging broad research and analysis that affect cyber
network defense.
Using different types of malware analysis/reversing tools (IDA Pro, Ollydbg) to find
out the root cause and analyzing the malware samples.
Provides rapid response to ad hoc requests from decision makers (e.g., special
intelligence analyses or personal briefings).
Developing analytical tools and methodologies to fill present gaps and address
future gaps.
Reviews reported tips and leads for threat information and situational awareness,
including determining location, activity, and severity and reporting trends.
Compares and contrasts new data with information already in intelligence
databases; seeks corroborative data; assesses individual pieces of information in
the context of broader assessments or operations; and disseminates significant
intelligence as appropriate.
Creating releasable products and weekly threat brief reports for Senior Leadership.
Analyzing a variety of network and host-based security appliance logs (Firewalls,
NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and
escalation paths for each incident.
Accenture Services Private Limited Gurgaon ||31-05-2013 to 15-06-2015||
Client: Travel, Construction & Hospitality Client
Managing Network /Information Security for multiple clients.
Daily Operations and incident management related to proxies – ISA & Iron Port
Daily Operation and incident management related to Symantec DLP
VA using Qualys Guard Scanner
Daily Operations and incident management related to Web Filtering – Barracuda,
Websense & Bluecoat.
Preventing any intrusion in Network via Cisco IPS and Source fire IPS.
Ensuring compliance of machines reporting to Forefront Endpoint Protection and
McAfee Virus Scan Enterprise.
Managing & Implementation of Microsoft UAG, as a reverse Proxy solution for
Publishing of Applications & VPN for the remote users.
Deployment of Network Access Protection (NAP) servers for client network.
Handling Security & Compliance for a US Based Hospitality Client.
Corporate SOC OF TCS Gurgaon ||25-4-2011 to 30-05-2013||
Client: TCS (Tata Consultancy Services Pvt. Ltd.)
Implemented and managing setup for Websense Web and DLP solution in TCS.
Managing SIM - logs from different security devices in common formats and
analyzing the logs.
Implementation of Event Source and VAM updates.
Responsible for maintaining machine compliance using Symantec ESM in entire TCS
environment.
Eliminating false positives and tuning security infrastructure for clarity in tracking
incidents.
Managed Airtight Wireless IPS for protection against Wireless Attacks.
Virus Remediation - Tackling different variants of Virus through centrally managed
SEPM, McAfee ePO, Malware Bytes & Microsoft Safety Scanner.
VA analysis for the TCS Servers through Nessus & Qualys Guard Scan.
Tackling SQL injection & XSS attempts.
Ticket creation & resolved within SLA in BMC remedy suite.
Incident handling, incident response and escalation management in a 24x7
environment.
Preparing SOPs, presentations and various Work Instruction documents for the
project.
Keeping track of any attack exploit in TCS network
Roles and Responsibilities:
1) Incident management, Problem Management & Change management related to
Web Proxies, ESM, Antivirus, DLP, VA, IPS.
2) Managing complete Security & Compliance for the client network.
3) Monitoring & Analyzing Real-Time & Co-related events, generated on SIEM.
4) Creation & Modification of Co-relation rules on SIEM.
5) Handling & deep investigating the incidents following Incident Response cycle.
6) Ensuring the signatures for all the devices (IBM IPS, Websense, SEPM, and FEP)
are patched on timely basis.
7) Remediating remotely the Trojan, Virus or Rootkit infected machine.
8) Vulnerability Analysis for endpoints via Nessus Scan & McAfee Found Stone.
9) Vulnerability Analysis for the websites via Qualys Scan.
10) Managing various machines on McAfee ePO & SEPM.
11) Analyzing Credit Card Number Disclosure events via Symantec & Websense DLP.
12) Regularly updating Knowledgebase.
13) Updating the policies, procedures & guideline documents as per the requirements.
14) Checking health of production devices & updating the latest patch available for all
the devices installed at client’s network.
15) Managing the daily, weekly & monthly reports sent to higher management.
Dell International as Security Engineer from ||30-11-2010 to 22-04-2011||
IBM DAKSH as a Security Analyst from ||23-06-2010 to 23-11-2010 ||
Assets:
1) Developed analytical problem solving skills
2) Positive attitude & Self-Motivated
3) Technical & Good Presentation Skills
Personal information:
Gender : Male
Father’s Name : Late Shri ASHOK RATTAN ABROL
Date of Birth : 20 Sep 1988
Languages Known : English, Hindi, and Punjabi
Permanent Address : Z-15 A NAVEEN SHAHDARA DELHI 110032
Nationality : Indian
Marital Status : Married
Declaration:
I hereby declare that the above-mentioned information is correct up to my
knowledge and I bear the responsibility for the correctness of the
above-mentioned particulars.