PARITALA N V L S VENU MADHAV
About Candidate
Committed, proactive, and passionate individual with 2.5 years of experience in Information Security, currently working as a Security Analyst in a SOC with security controls like SIEM (ArcSight, ELK, Splunk, and LogRhythm) and EDR (CrowdStrike Falcon EDR), and performing incident investigations.
Education
Work & Experience
Throughout my internship at PurpleSynapz, I've gained a good amount of knowledge with a solid understanding of various domains of security. During my internship, I've gone through multiple modules starting from Network Fundamentals, Linux for Security, Windows Security, Cloud Security, Ethical Hacking, SIEM, and Cyber Forensics.
Monitoring, analysing, and responding to malware attacks, network threats, and phishing emails (email analysis).
Good understanding of security solutions like firewalls (Palo Alto, Checkpoint, Fortinet), McAfee DLP, anti-virus (McAfee & Trend Micro), IPS, email security, etc.
Monitoring real-time events using SIEM tools like ArcSight, Splunk, and LogRhythm.
Monitoring endpoint devices through CrowdStrike Falcon EDR detections and performing deep-dive investigations.
Monitoring and analysing different log sources such as Bluecoat Proxy, firewalls (Palo Alto, Checkpoint & Fortinet), McAfee AV, McAfee DLP, SentinelOne, CrowdStrike Falcon EDR, Microsoft Exchange Server, Web Application Firewall (WAF), Sysmon, Unix logs & Windows logs.
Investigating security logs and providing mitigation strategies mapped to the MITRE ATT&CK framework and the Cyber Kill Chain.
Responsible for preparing daily, weekly, and monthly reports and delivering them with root cause analysis.
Raising incidents to the on-site incident handler with appropriate analysis and relevant logs using ticketing tools like ITSM and AIssac.
Updating and closing SOC security incidents/tickets within the Service Level Agreement (SLA).
Diagnosed and fine-tuned hundreds of rules for various devices and implemented them in SIEM.
Coordinating with the SIEM admin team on log stoppage and health-check related issues.
Creation of reports, dashboards, and custom use cases.
Usage of threat intelligence tools like AbuseIPDB, VirusTotal, ipinfo.io, URLScan.io, CyberChef, Cisco Talos, PhishTool, MX Toolbox, and other MISP threat-sharing platforms while performing security investigations.
Working as a Security Analyst and providing product support plus SOC monitoring to multiple clients.
Handling tickets from customers regarding whitelisting PE files like .exe based on the hash value, path, and certificate of an application.
Good understanding of EPP (Endpoint Protection Platform) software features like device control.
Monitoring, analysing, and responding to alerts of various cyber threats like phishing, network threats, malware threats, etc.
Responsible for preparing weekly reports and providing customers with root cause analysis.
Worked on tools for monitoring real-time events using ELK Stack (SIEM), Xprotect and Xshield (EPP applications).