Rohit Sehgal

Travel, Code, Help and Excel

Information Security and Automation Ninja @ VISA

who-am-i

A small town boy and a Security Engineer by passion.

OSCP certified, with a Master's degree from IITK specializing in System Security and more than 3.5 years of professional security experience across development of security services, penetration testing, SecOps, system security, SSDLC and security architecture. Experience in writing Checkmarx SAST Audit Queries (CxQL). Experience working with SAST & DAST tools. Currently Cybersecurity Engineer at Visa.

A proud author, engineer, maintainer, and architect of TrashEmail, an extremely reliable and privacy-friendly hosted disposable email service. Also engineer and maintainer of DockerENT, a tool that can identify weak configurations inside running Docker containers. Authored a book and delivered various security sessions at international conferences. Inventor of 2 patents and 1 trade secret. An active open source contributor. Drop by his GitHub too; there is some really cool and awesome stuff there, and you will love it.

A few of his popular open source projects:

  1. DockerENT
  2. TrashEmail
  3. DoT-Proxy - Work In Progress
  4. Cloudmarker

Delivered various global security trainings at past and current organizations. Loves to create challenging problems for CTFs. Hosted a couple of CTF events, both organization-wide and in the public domain. Actively working to make security simple and reachable for every developer.

An adventure freak who loves to travel and calls himself a philanthropist, a coder and a CTF player in his free time. Involved in active research in and around security.

Interests

  • Web Application Security
  • Linux Binary Exploitation
  • Docker & Kubernetes
  • SAST, DAST & their Automation
  • Reverse Engineering
  • Java Spring-(boot|cloud), Python Django
  • My love for ❤️ CLI

Education

  • Masters in System Security, 2017

    Indian Institute of Technology, Kanpur

  • Bachelors in CSE, 2015

Experience

 
 
 
 
 

Cybersecurity Engineer

Visa

Jun 2019 – Present India

Responsibilities include:

  • Invented a patent and trade-secret with Visa.
  • Experience in writing Checkmarx SAST Audit Queries.
  • Develop processes and implement tools and techniques to perform ongoing security assessments of the environment.
  • Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary. Also perform secure design reviews as required and provide necessary feedback.
  • Led and implemented a project for an internal IAM application which helps in tracking UAR (User Access Review). Designed and implemented this solution end to end: micro-service architecture, Java Spring-boot and Spring-cloud, and entire CI/CD automation using Jenkins.
  • Automated various scanning and reporting flows with Python.
  • Delivered various security trainings across various product development teams.
 
 
 
 
 

Security Engineer II

WalmartLabs

Aug 2017 – May 2019 India

Responsibilities include:

  • Invented a patent with Walmart.
  • Work with internal teams to perform penetration tests on their staging operating systems, network setups and applications as necessary.
  • Hold various workshops and CTFs for product development teams to better understand state-of-the-art exploitation techniques and how to mitigate them. The highlights among them were Linux System Hardening & System Binary Exploitation, and was also awarded for the same.
  • Responsible for performing manual penetration testing and communicating findings to both business and developers, and helping them mitigate the issues.
  • Provide guidance to development teams as SME for security as and when required.
  • Work with development teams to validate, assess, understand root cause and mitigate vulnerabilities.
  • File Integrity Monitoring that scales to 50K nodes, a few of which were legacy nodes.
  • Administration portal for controlling Torbit CDN rules. Responsible for the entire end-to-end design of this project.
  • Public cloud monitoring solution to continuously monitor public cloud deployments (e.g. Azure and GCP) under Walmart’s subscription and generate alerts using Splunk SIEM.
 
 
 
 
 

Intern

Cybersecurity Research Labs, IITK

Jun 2017 – Jul 2017 India

Responsibilities include:

  • Worked on finding various security flaws at the protocol level of industrial SCADA systems.
 
 
 
 
 

Intern

SAMSUNG Research Institute, Delhi

Jun 2016 – Jul 2016 India

Responsibilities include:

  • HoneyClient Model for smart devices.
  • ClientPot for the analysis of the websites most commonly visited by the user of a smart device.
  • The results offered by the system were promising, and the system can be slightly modified to run on any Linux-based device.

Certifications

Learning Journey

OSCP

Offensive Security Certified Professional

Photography

Eye of my phone

Beauty Of Haridwar

I grew up in Haridwar, India, a small town in the foothills of the Himalayas. At times, I like to capture natural beauty through the eyes of my phone. I know it won’t do it justice, but it is a small attempt.

City of London

Some time back I travelled to London. I was in love with the charisma of the city. Check out a few glimpses.

Projects

Code when you feel sleepy.

K8s in 30 Mins

Learn the basics of Kubernetes in just 30 mins.

Docker-ENT

A pluggable, runtime docker scanning framework.

TrashEmail

Pluggable framework for disposable emails.

TorTiPi

Convert your Raspberry Pi into a Tor-based Wi-Fi hotspot.

Cloudmarker

A public cloud monitoring framework.

BinExp

Getting Started with Linux Binary Exploitation.

TG Connector

A framework that connects TG bot to REST API.

Talks

Container runtime configuration monitoring tool

Dockers are growing and so are their threats. There are plenty of tools to scan a docker image but there are very few to no tool to …

DockerENT captures docker runtime security issues.

Dockers are growing and so are their threats. There are plenty of tools to scan a docker image but there are very few to no tool to …

DockerENT: Runtime docker security scanning tool

Dockers are growing and so are their threats. There are plenty of tools to scan a docker image but there are very few to no tool to …

Publications

Series: Basics of Linux Binary Exploitation

I am quite passionate about exploiting binary files. The first time when I came across Buffer Overflow (a simple technique of …

Hacking the internals of Django Auth

Plugging in additional auth mechanism to Django admin login

Tracing Cyber Threats with Honey-systems

Honey-pots, Honey-nets, and Honey-systems are entrapment devices to capture the continuous barrage of cyber-attacks to the IT …

Cybersecurity In India

A honeypot is an entrapment mechanism that provides attackers with all necessary resources needed for a successful attack. Unlike …
