Nishant Grover

Experiences

Principal Security Engineer

Godaddy · Oct, 2023 - Present

Well, just joined. Let me write this later. 🙂

Security Engineer II - Security Incident Response

Amazon · June, 2021 - Oct, 2023

My job currently functions around: Handling & Leading Security Incidents, conducting threat hunts, writing runbooks/documents, building frugal solutions, collaboration with other security teams and writing detections for raising the security monitoring bar.

Senior Consultant - Incident Response

National Payments Corporation of India · Feb, 2018 - May, 2021

My major responsibilities was to Handle Escalated Cyber Security Incidents and support various teams to contain, remediate, recover operations as smoothly. When not handling incident, I was creating new detections, conducting threat hunts, building automation, running phishing exercises, handling security audits and providing training.

Cyber Security and OSINT Executive

Reliance Industries Ltd · Jul, 2016 - Jan, 2018

My major responsibilities was to research about latest threats targeting sectors relevant to Reliance Company and subsidiaries, and publish reports that went upto all Vice Presidents & Heads. When not writing reports, I would be training staff, police & defense officers on importance of cyber security and how they can protect themselves and the infrastructure from cyber attacks.

Project Trainee Intern

HDFC Bank · Jan, 2016 - June, 2016

My major responsibilities was to research about latest threats targeting sectors relevant to Reliance Company and subsidiaries, and publish reports that went upto all Vice Presidents & Heads. When not writing reports, I would be training staff, police & defense officers on importance of cyber security and how they can protect themselves and the infrastructure from cyber attacks.

Education

Masters in Cyber Security (MS)

Sardar Patel University of Police, Security & Criminal Justice · 2014 - 2016

Bachelor of Technology in Information Technology (BTech)

Jodhpur Institute of Engineering & Technology · 2010 - 2014

Projects/Publications

Shodmon - Monitoring your Org through Shodan

This tool can be used to monitor internet exposed surface, specifically speaking, your servers. Shodan scans the entire internet periodically and maps out details such as Ports open, type of service running, certificate details, organization to which the server belong, etc, all this to an IP Address. This is good for blue teamers to monitor your internet exposed servers and equalivalently good for red teamers to find loop holes onto exposed servers.

Chromensics - Google Chrome Forensics Tool

The Chromensics tool is developed to read all information from chrome browser directory and present it to user, in easy readable tabular format which can be explored in decent interface without running the chrome browser. The tool will also allow you retrieve information from other chrome installation brought from different machine for analyzing. The acquired artifacts can be exported in PDF report to present it in court of law or to superiors.

i-Map - Plot Geolocation from Images

i-Map is a Photo metadata forensic tool for Geo-location analysis of images that are clicked from GPS enabled devices. In this tool, you can load 100s of images from a suspect's device and analyze them to know various locations where photos were clicked on mobile phone/tablet. After loading images, with a single click, iMap plots all the images on World Map to visually check where they have been captured, generate timeline and activity of suspect and match them with CDR (Call Detail Record) Details.

Vulnerability Analysis of OnlineCabBooking Android Application

Android devices are not just phones, they are necessity for its users. Android’s open-source nature leads to massive development of applications for end users to use which also create lots of vulnerable applications that are ready to be exploited. In this paper we discuss and analyse the OnlineCabBookings Android application which is used for booking cabs online through smartphones and present vulnerabilities in its implementation which make it a playground for attackers.