Srujan Kumar
Research Scientist at Trellix
Bio
Yadapally Sravan Kumar
Srujan is excellent in his job, very focused and a hard worker, who has a calm and collected approach to every challenge and gets the job done. Having helped train me up, I then had the pleasure of working with him as a shift partner. He was great at keeping the team on track, and would be a valuable team member.
Credentials
• Wireshark Essential Training (LinkedIn), Dec 2019 - Nov 2024
• CEH, Sep 2017 - Nov 2024
• ArcSight Certified Security Analyst
Experience

Trellix
United States
Computer and Network Security
700 & above employees
Research Scientist
Aug 2022 - Present
• Proactively hunt for Advanced Persistent Threats (APT) and newly emerging malware campaigns using OSINT.
• Perform static and dynamic malware analysis with analysis tools, create signatures with FireEye OpenIOC, and map attack stages to the MITRE ATT&CK framework.
• Knowledge of creating signatures for sophisticated malware campaigns such as Qakbot, Emotet, PlugX, info stealers, and ransomware, among others.
• Perform event triage analysis with RedLine to identify anomalous behaviour.
• Experience in analysis of Microsoft O365 documents, LNK, script files (PowerShell, VBScript & JScript) & PDF.
• In-depth knowledge of the Windows Sysinternals suite & Windows API calls.
• Basic knowledge of reverse engineering using the IDA disassembler & x32 debugger.
• Experienced in writing YARA signatures.
NTT Ltd.
United Kingdom
IT Services and IT Consulting
700 & above employees
Security Analyst
Mar 2019 - Aug 2022
• Analyze threat intelligence (e.g. actors, tools, exploits, etc.) and determine the tactics, techniques, and procedures (TTPs) of threat actors, including detailed technical analysis using Splunk.
• Endpoint analysis experience with EDR tools such as CarbonBlack (CB), CrowdStrike, and Microsoft Defender ATP (MDATP).
• Expertise in analyzing process graphs to determine process command line, file operations, registry changes, and network indicators.
• Experienced in malicious payload analysis using CyberChef.
• Basic knowledge of writing KQL queries.
• Knowledge of network traffic analysis using Wireshark & Fiddler.
• Ability to develop scripts in Python and sound knowledge of regular expressions.
Cognizant
United States
IT Services and IT Consulting
700 & above employees
Security Associate
Sep 2018 - Mar 2019
• Analyze data feeds for event detection, correlation and triage for further investigation using ArcSight SIEM.
• Provide responses to customers who request assistance through our ticketing system.
• Identified violations of computer security policies and informed the client.
• Delivered security bulletins for taking preventive measures and necessary detections.
• Provided weekly reports to senior management.
• Experienced in creating runbook and scope of work (SOW) documentation.
Paladion an Eviden business
United States
Computer and Network Security
200 - 300 employees
ArcSight Analyst & Admin
Feb 2015 - Sep 2018
• Real-time event monitoring and analysis of security devices such as IPS, firewalls, operating systems (Unix and Windows), databases, and email gateways using the ArcSight SIEM in a 24/7 environment.
• Address client queries within SLA and regularly follow up on security tickets till closure.
• Development of ArcSight resources such as rules, reports, trends and dashboards.
• Created custom use cases to detect phishing attacks and unauthorized email access.
• Implemented filtering mechanisms to reduce inflow events to the SIEM; potentially ~70 GB/day of events are filtered out.
• Automated the process of notifying the client about potential security incidents using Velocity templates.
• Onboarded 200+ security devices with the SIEM and assisted the client in troubleshooting.
• Unparsed raw data is parsed using FlexConnectors; implemented more than 10 parsers in the client environment.
• Continuously hunt for new use cases and improve the standard operating procedures (SOP) used by the SOC.