Nick Bilogorskiy 
10+ years in the computer security industry, specializing in reverse engineering malware, incident response, security team building and botnet takedown, and building excellent products that are easy to use. 
Experience 
2011 - present Cyphort San Jose, CA 
Technical Director of Security Research 
• Architected and implemented next-generation anti-malware product
• Developed algorithms for behavior detection of zero-day EXE, PDF, Flash and Java malware
• Blogging, conferences, industry relationships
• Founded and grew the research department
• Automated research lab tasks
• Helped raise several rounds of financing
2010 – 2011 Facebook Palo Alto, CA
Chief Malware Researcher
• Worked on shutting down Koobface and other malware botnets and worked with FBI on attribution
• Coordinated developing effective malware countermeasures
• Provided response to security incidents, code security audits, cyber crime investigations
• As malware subject matter expert, advised the engineering team on security requirements
• PR response to malware issues
• Engaged in building a world class malware response function
2008 - present MUTE Group Sunnyvale, CA
Co-founder and Board Member
• Founded the bootstrapped service - interface for researchers to exchange malware links
• Grew to 30+ participant companies and 100,000+ unique URLs per day
• Built and maintained the public website – mutegroup.org
June 2006 – March 2010 SonicWALL, acquired by DELL Sunnyvale, CA
Manager, Malware Research
• Malware and vulnerability analysis, virus trends, quoted in the media
• Built and managed a team of top-notch researchers
• Developed patent-pending cloud antivirus technology. Patent #20110016527
Phone: (408) 203-4323 
nbilogorskiy@gmail.com 
http://www.linkedin.com/in/bilogorskiy 
867 Lewis Ave, 
Sunnyvale, CA 
94086
Feb. 2004 – May 2006 Fortinet Technologies Vancouver, CAN
Manager, Malware Research & Escalation
• Directed a team of international researchers from the USA, Canada, France, and China
• Increased the coverage of Fortinet in the media, improved quality of detection and descriptions
• Built a QA team and developed a testing process to test the Antivirus Engine
Jan. – Dec. 2003 Art In Motion Vancouver, CAN
Programmer / Analyst
• Developed customized solutions for the Licensing Department [XML, VB, SQL, Outlook API]
Jan. – May 2002 Microsoft Corporation Redmond, WA
Software Test Engineer - Intern
• Feature testing for MS Word. Made specs, test plans and automation [Word API, VB, XML]
2000 – 2001 Randronics Digital Burnaby, Canada
Co-Founder / Lead web designer
• Founded a web design company and built several commercial websites [SQL, Flash, DHTML]
Education
2000–2003 Simon Fraser University Burnaby, Canada
• Bachelor of Science, Computing Science; Concentration: Software Engineering, AI, Philosophy
1998–2000 Capilano College Burnaby, Canada
• Diploma in Computing Science.
Projects 
Facebook: Koobface botnet takedown March 2011 
For two years the Koobface worm was spreading on Facebook, infecting millions of Windows users who clicked on a malicious link in an infected friend’s message. I worked on the attribution and enforcement on Koobface authors and the coordination of Koobface assets takedown. In March 2011 the efforts paid off when Koobface stopped targeting Facebook. 
Facebook: Anti-Clickjacking measures February 2011 
After its launch, Facebook’s LIKE feature was widely abused by rogue affiliate scams (likejackers). I helped build a system designed to detect malicious "Like" patterns that requires an additional confirmation for pages that trigger this mechanism. https://www.facebook.com/facebook/posts/207321425975188 
Facebook: Virus Bulletin keynote October 2010 
I delivered the keynote address at the annual Virus Bulletin anti-malware conference, VB2010 in Vancouver, Canada. In the keynote I presented a brief overview of Facebook security organization, followed by a run-down of common Internet threats and their specific effect on Facebook, with focus on Koobface and other Facebook-specific malware families. 
Facebook: Malware Roadblock May 2010 
I extended and supported Facebook’s remediation solution for malware infected users – the Roadblock. I worked with partners daily to ensure Roadblock was effective against all Facebook malware threats: https://www.facebook.com/note.php?note_id=10150902333195766 
Facebook: Facebook Immune System April 2010 
I worked on the anti-malware components of the Facebook Immune System. The backbone of the site security, FIS analyzes every action on the site as it happens, to determine its threat level, and decide how to respond. To make this decision it looks at the reputation of the cookie, IP address, and a number of other factors. It runs on 2,000 servers, checks 640,000 user actions per second at peak, aggregates and analyzes 5,000 different signals, contains 200 different models and does 20 billion classification checks every day. https://www.facebook.com/note.php?note_id=10150352042420766
DELL SonicWALL: Cloud Antivirus January 2010 
I helped design and implement the patent-pending technology behind the “cloud antivirus” feature in SonicWALL’s Email Security appliances. PostgreSQL, Linux, C++. http://patents.com/us-20110016527.html 
DELL SonicWALL: Botnet Interactions Diagram February 2009 
This project aimed at presenting in a visual format the results of my research of top botnets in the world and the “bad actor” groups behind them, and charting their interactions.
DELL SonicWALL: SonicALERT February 2008 
I was responsible for running the public company’s research blog, featuring new content about malware threats weekly. https://www.mysonicwall.com/sonicalert/sonicalert.aspx 
DELL SonicWALL: Antivirus Honeypot June 2007 
I set up scripts and hardware to capture malicious traffic from the Web. Traffic was gathered, viruses extracted, sorted and forwarded to the virus lab for analysis. 
FortiGuardCentre research portal website March 2005 
I was involved in concept generation, design and implementation of a major corporation’s research portal. Special applications were incorporated, e.g. the online virus scanner, web addresses URL lookup, global threats statistics, and more. See the site at: http://www.fortiguardcenter.com 
Fortinet: Antivirus Cross-Scanner Interface March 2004 
I installed 9 antivirus products on the server and created Perl scripts to download and install their antivirus pattern updates automatically. The users could submit a file to the server via HTTP upload, and the cross-scanner was run [the file was scanned with all available antivirus vendors' products at once]. Each virus scanner ran in parallel on different client machines, then the log was parsed and results were combined under one interface and stored in the database. Similar to http://www.virustotal.com/
Fortinet: Clean Collection & False Positive Testing May 2004 
A false positive happens when a clean file is reported incorrectly as a virus by antivirus software. The only practical way to fight false positives is to use a comprehensive clean file collection. I built the collection and the database-driven interface to allow a virus analyst to submit a test pattern and scan the whole collection. Three analyst teams from different countries (Canada, France and China) were able to test their antivirus patterns and avoid false positives. Linux shell scripts, Perl, PHP were used.
Fortinet: Virus Auto-Replication System June 2004 
I used Perl and C++ to create a virus Auto-Replication system that is controlled remotely via the Web. First, a snapshot is taken of the computer system, and then a virus is executed. Another snapshot is taken and compared to the original. All changed and newly created files (replicated samples) are added to the database. The system is then rebooted, and a clean image is restored to reset the environment. 
Fortinet: Performance Test Automation October 2004 
I automated performance testing of Fortinet security appliances by creating Perl scripts that tested virus detection on all supported protocols (HTTP, FTP, IMAP, POP3, and SMTP). 
Microsoft Content Management Server Setup July 2001 
After Microsoft acquired NCompass, I rewrote and rebranded the installation module for NCompass Resolution in a newer version of the InstallScript language. http://en.wikipedia.org/wiki/Microsoft_Content_Management_Server
Skills
I am skilled at reverse-engineering, static and dynamic malware analysis, disassembly, debugging, writing patterns and tracking malware, networking, research publications and conference presentations, and representing the company at international events.
Programming
• C
• Perl, Python, PHP
• SQL
• Bash shell script
• Visual Basic, XML
• Java
• .NET
[Chart: proficiency per language on a scale of Familiar, Experienced, Proficient]
Software & Hardware
• Security: OllyDbg, IDA Pro, Wireshark, VMWare, Snort, tcpdump, nmap, nessus
• Web vulnerabilities: XSS, CSRF, SQL Injection, Clickjacking
• OS: Windows, Unix, Linux
• Web servers: IIS, Apache, Tomcat, ICAP, Squid
• DB: MS Access, SQL Server, mySQL, PostgreSQL, NoSQL (Hadoop, Hive), SQLite3
• Adobe Flash, Photoshop, PageMaker, ImageReady, Premiere
• HTML5, DHTML, JavaScript, Jscript, VBScript, ASP, ColdFusion, JSP, AJAX, OpenGL
• SourceSafe, Perforce, Subversion, CVS, Git
Soft Skills
• Excellent business and interpersonal communication skills
• Fluent in English, Russian and Ukrainian
• Canadian Citizen, H1B status.
• Business sense – make sound decisions for company’s benefit
• Leadership – manage people and resources efficiently to achieve deadlines
• Certifications: GREM – (SANS GIAC Reverse Engineering), Red Cross First Aid, CPR
• My hobby is music – I sing and play guitar in a rock band.
References Available upon request

More Related Content

Viewers also liked

YakovGusyatinski_CV_2014.doc
YakovGusyatinski_CV_2014.docYakovGusyatinski_CV_2014.doc
YakovGusyatinski_CV_2014.docYakov Gusyatinski
 
Sery Leon Cv Amdocs
Sery Leon Cv AmdocsSery Leon Cv Amdocs
Sery Leon Cv Amdocsleonsery
 
Erlang Software Developer CV
Erlang Software Developer CVErlang Software Developer CV
Erlang Software Developer CV
Alex Radetsky
 
Resume of mandar_yadav
Resume of mandar_yadavResume of mandar_yadav
Resume of mandar_yadav
yadmandar
 
Boris Lykah Resume
Boris Lykah ResumeBoris Lykah Resume
Boris Lykah ResumeBoris Lykah
 
CV - Vladimir Vyazmin - DevOps -2017
CV - Vladimir Vyazmin - DevOps -2017CV - Vladimir Vyazmin - DevOps -2017
CV - Vladimir Vyazmin - DevOps -2017kipialive
 
Java Developer resume
Java Developer resume Java Developer resume
Java Developer resume
Pavel Plakhotnik
 

Viewers also liked (14)

YakovGusyatinski_CV_2014.doc
YakovGusyatinski_CV_2014.docYakovGusyatinski_CV_2014.doc
YakovGusyatinski_CV_2014.doc
 
Grigorian_Max_CV
Grigorian_Max_CVGrigorian_Max_CV
Grigorian_Max_CV
 
CV_Maksym_Ozhygin_en
CV_Maksym_Ozhygin_enCV_Maksym_Ozhygin_en
CV_Maksym_Ozhygin_en
 
CV Ruslan Ilyasov
CV Ruslan IlyasovCV Ruslan Ilyasov
CV Ruslan Ilyasov
 
CV
CVCV
CV
 
Sery Leon Cv Amdocs
Sery Leon Cv AmdocsSery Leon Cv Amdocs
Sery Leon Cv Amdocs
 
Vladyslav_Chapiuk_Resume_en
Vladyslav_Chapiuk_Resume_enVladyslav_Chapiuk_Resume_en
Vladyslav_Chapiuk_Resume_en
 
Erlang Software Developer CV
Erlang Software Developer CVErlang Software Developer CV
Erlang Software Developer CV
 
Resume of mandar_yadav
Resume of mandar_yadavResume of mandar_yadav
Resume of mandar_yadav
 
Best resume ever!!!
Best resume ever!!!Best resume ever!!!
Best resume ever!!!
 
Boris Lykah Resume
Boris Lykah ResumeBoris Lykah Resume
Boris Lykah Resume
 
Resume
ResumeResume
Resume
 
CV - Vladimir Vyazmin - DevOps -2017
CV - Vladimir Vyazmin - DevOps -2017CV - Vladimir Vyazmin - DevOps -2017
CV - Vladimir Vyazmin - DevOps -2017
 
Java Developer resume
Java Developer resume Java Developer resume
Java Developer resume
 

Similar to Resume

IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011WASecurity
 
Web Application Development.pptx
Web Application Development.pptxWeb Application Development.pptx
Web Application Development.pptx
Google
 
EricLong_Resume_Public
EricLong_Resume_PublicEricLong_Resume_Public
EricLong_Resume_PublicEric Long
 
Advanced malware analysis training session8 introduction to android
Advanced malware analysis training session8 introduction to androidAdvanced malware analysis training session8 introduction to android
Advanced malware analysis training session8 introduction to android
Cysinfo Cyber Security Community
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Mobodexter
 
Jim_Colombo_Resume_2016
Jim_Colombo_Resume_2016Jim_Colombo_Resume_2016
Jim_Colombo_Resume_2016Jim Colombo
 
Jeff Olson\'s Resume
Jeff Olson\'s ResumeJeff Olson\'s Resume
Jeff Olson\'s ResumeJeff Olson
 
100 effective software testing tools that boost your Testing
100 effective software testing tools that boost your Testing100 effective software testing tools that boost your Testing
100 effective software testing tools that boost your Testing
BugRaptors
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Black Duck by Synopsys
 
B&W Netsparker overview
B&W Netsparker overviewB&W Netsparker overview
B&W Netsparker overview
Marusya Maruzhenko
 
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
University of Antwerp
 
Matteo meucci Software Security - Napoli 10112016
Matteo meucci   Software Security - Napoli 10112016Matteo meucci   Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016
Minded Security
 
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn'tInfographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Sonatype
 
The unprecedented state of web insecurity
The unprecedented state of web insecurityThe unprecedented state of web insecurity
The unprecedented state of web insecurity
Vincent Kwon
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
Black Duck by Synopsys
 
Top 10 Web Vulnerability Scanners
Top 10 Web Vulnerability ScannersTop 10 Web Vulnerability Scanners
Top 10 Web Vulnerability Scannerswensheng wei
 
Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics:Towards Software Mining that Matters (2014)Software Analytics:Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)
Tao Xie
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software Vulnerabilities
Bunmi Sowande
 
Advanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to AndroidAdvanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to Android
securityxploded
 

Similar to Resume (20)

IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011IT Vulnerability & Tools Watch 2011
IT Vulnerability & Tools Watch 2011
 
Web Application Development.pptx
Web Application Development.pptxWeb Application Development.pptx
Web Application Development.pptx
 
EricLong_Resume_Public
EricLong_Resume_PublicEricLong_Resume_Public
EricLong_Resume_Public
 
Advanced malware analysis training session8 introduction to android
Advanced malware analysis training session8 introduction to androidAdvanced malware analysis training session8 introduction to android
Advanced malware analysis training session8 introduction to android
 
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat US...
 
Jim_Colombo_Resume_2016
Jim_Colombo_Resume_2016Jim_Colombo_Resume_2016
Jim_Colombo_Resume_2016
 
Jeff Olson\'s Resume
Jeff Olson\'s ResumeJeff Olson\'s Resume
Jeff Olson\'s Resume
 
Project Presentation
Project Presentation Project Presentation
Project Presentation
 
100 effective software testing tools that boost your Testing
100 effective software testing tools that boost your Testing100 effective software testing tools that boost your Testing
100 effective software testing tools that boost your Testing
 
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black DuckSoftware Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck
 
B&W Netsparker overview
B&W Netsparker overviewB&W Netsparker overview
B&W Netsparker overview
 
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
Finding Bugs, Fixing Bugs, Preventing Bugs — Exploiting Automated Tests to In...
 
Matteo meucci Software Security - Napoli 10112016
Matteo meucci   Software Security - Napoli 10112016Matteo meucci   Software Security - Napoli 10112016
Matteo meucci Software Security - Napoli 10112016
 
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn'tInfographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
 
The unprecedented state of web insecurity
The unprecedented state of web insecurityThe unprecedented state of web insecurity
The unprecedented state of web insecurity
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
Top 10 Web Vulnerability Scanners
Top 10 Web Vulnerability ScannersTop 10 Web Vulnerability Scanners
Top 10 Web Vulnerability Scanners
 
Software Analytics: Towards Software Mining that Matters (2014)
Software Analytics:Towards Software Mining that Matters (2014)Software Analytics:Towards Software Mining that Matters (2014)
Software Analytics: Towards Software Mining that Matters (2014)
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software Vulnerabilities
 
Advanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to AndroidAdvanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to Android
 

More from Nick Bilogorskiy

Collecting computers for Ukraine
Collecting computers for UkraineCollecting computers for Ukraine
Collecting computers for Ukraine
Nick Bilogorskiy
 
Nova Ukraine: Computers Collection
Nova Ukraine: Computers CollectionNova Ukraine: Computers Collection
Nova Ukraine: Computers Collection
Nick Bilogorskiy
 
Vareniki Party Aug 28
Vareniki Party Aug 28Vareniki Party Aug 28
Vareniki Party Aug 28
Nick Bilogorskiy
 
Putin.Voina - Nemtsov report
Putin.Voina - Nemtsov reportPutin.Voina - Nemtsov report
Putin.Voina - Nemtsov report
Nick Bilogorskiy
 
Malvertising
MalvertisingMalvertising
Malvertising
Nick Bilogorskiy
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
Nick Bilogorskiy
 
Botnet Interactions 2009
Botnet Interactions 2009Botnet Interactions 2009
Botnet Interactions 2009
Nick Bilogorskiy
 
Future of Ukraine Panel
Future of Ukraine PanelFuture of Ukraine Panel
Future of Ukraine Panel
Nick Bilogorskiy
 
Babylon 13-2015-poster
Babylon 13-2015-posterBabylon 13-2015-poster
Babylon 13-2015-poster
Nick Bilogorskiy
 
Cyber attacks in Ukraine
Cyber attacks in UkraineCyber attacks in Ukraine
Cyber attacks in Ukraine
Nick Bilogorskiy
 
Dissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick BilogorskiyDissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick Bilogorskiy
Nick Bilogorskiy
 
Comscore US mobile App report 2014
Comscore US mobile App report 2014Comscore US mobile App report 2014
Comscore US mobile App report 2014
Nick Bilogorskiy
 

More from Nick Bilogorskiy (12)

Collecting computers for Ukraine
Collecting computers for UkraineCollecting computers for Ukraine
Collecting computers for Ukraine
 
Nova Ukraine: Computers Collection
Nova Ukraine: Computers CollectionNova Ukraine: Computers Collection
Nova Ukraine: Computers Collection
 
Vareniki Party Aug 28
Vareniki Party Aug 28Vareniki Party Aug 28
Vareniki Party Aug 28
 
Putin.Voina - Nemtsov report
Putin.Voina - Nemtsov reportPutin.Voina - Nemtsov report
Putin.Voina - Nemtsov report
 
Malvertising
MalvertisingMalvertising
Malvertising
 
Attack on Sony
Attack on SonyAttack on Sony
Attack on Sony
 
Botnet Interactions 2009
Botnet Interactions 2009Botnet Interactions 2009
Botnet Interactions 2009
 
Future of Ukraine Panel
Future of Ukraine PanelFuture of Ukraine Panel
Future of Ukraine Panel
 
Babylon 13-2015-poster
Babylon 13-2015-posterBabylon 13-2015-poster
Babylon 13-2015-poster
 
Cyber attacks in Ukraine
Cyber attacks in UkraineCyber attacks in Ukraine
Cyber attacks in Ukraine
 
Dissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick BilogorskiyDissecting Zeus by Nick Bilogorskiy
Dissecting Zeus by Nick Bilogorskiy
 
Comscore US mobile App report 2014
Comscore US mobile App report 2014Comscore US mobile App report 2014
Comscore US mobile App report 2014
 

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..UiPath Community Day Dubai: AI at Work..
UiPath Community Day Dubai: AI at Work..
UiPathCommunity
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf