Arul Selvan Ramalingam

Objective is to deep dive into cyber security field and always be in the technical forefront of the cyber world want to be in an organization where it provides opportunity to be in a technical forefront.

Always want to be a part of a solution whatever the problem comes. So one can move forward breaking the obstacles.

EC-Council Computer Hacking Forensic Investigator

• Vulnerability Management:

Used Tenable & Nessus to scan our corporate environment, asses the vulnerability and assist the server owners to remediate the vulnerabilities. Initiating remediation scans, particular CVE based scans.

• Web Application Security:

Experience in web Application Security Assessment in the standards of OWASP top 10 not limited to that and includes SANS top 25. Worked for different types of client including banks, industry, insurance based on India & Middle East covering XSS, IDOR, Privilege Escalation, Malicious File Upload and SQL Injection.

• Mobile Application Security:

Assessment on Android & iOS Platform for the Banks in India & Other Middle East Countries covering Reverse Engineering of apps, code tampering, root bypassing and other OWASP Mobile Top 10.

• Network Penetration Testing:

Have experience on both internal & external penetration testing which includes Nessus scans, port scans, service enumeration, version enumeration, privilege escalation also.

• Digital Forensics:

Worked on Cyber Forensics projects with knowledge of how to proceed for incident in a corporate environment and how to retrieve logs and analysis, have hands on experience on tools like EnCase, FTKImager , X-Way Forensics, Intella, IEF etc.

• Security Operation Center & SIEM:

Worked on SOC teams for the banking sectors where the work involved handling proxy servers, IDS & IPS for incidents detection. Preparing monthly, weekly reports to the management. Involved in SIEM activities to resolve day to day tickets assigned in SIEM tool and investigating the tickets whether it's a false positive or not and bringing to the broad corporate team to investigate if it's a critical alert.

• Red Teaming Activity:

Worked on some of the Red Teaming activities where I used tail gating and some duplicate ID cards of the target company to bypass the physical security and used training rooms LAN to get into the network of the organization where i gained mail server access, internal pages access and got into the first level of the organization.

• Configuration Review:

Worked on configuration review for Network devices, DB, OS (Windows, Linux), MBSS, Compliance review.

• Hack the Box
• TryHackMe
• Yoga & Meditation
• Treks