Prabhakaran Sarangapani
Work & Experience
Worked as a DCP (domain classification process) trainee analyst for the Whitelisting UI.
• Segregated websites into safe and unsafe using a set of rules (e.g. poker games, key-logging sites, third-party sites, remote support, etc.), as such sites are not safe to whitelist.
• Worked on file integrity and the behaviour of executable, portable, bin and tar files using BinText, FileAlyzer and Reason Core Security.
• Detected zero-day threats missed by the signature-based detection system.
• Uploaded safe executable and bin files to the sandbox through our own cloud server for future prediction of safe files for Comodo customers.
• Protected users from email attacks, spoofing and phishing sites.
• Analysed and blacklisted vulnerable IPs to provide security for global clients.
• Connected to servers via SSH and analysed logs using regex.
• Conducted base-level analysis to determine the legitimacy of files and ports using Wireshark and Nagios, as well as online resources such as VirusTotal, MxToolbox and MultiRBL.
• Created standard procedures to maintain consistency and support response time.
• Escalated incidents by creating tickets in JIRA, analysed tickets on the JIRA board and reported to the L2 team.
• Monitored servers, Gates and VMs using the Zabbix interface.
• Analysed the entire run-time behaviour of a file and deployed it by manual analysis.
• Involved in high-priority issues using Regshot and the IDA Pro disassembler, which translates machine-executable code into assembly language for debugging.
• Responsible for both L1 and L2 activities.
• Worked in the Comodo Sandbox to execute unknown or untrusted applications and check whether the .exe file is malware.
• Recognizer testing for highly malicious files provided by customer-end sandbox servers.
Working as a Researcher on the ATP (Advanced Threat Protection) product of Microsoft.
• Provide the Security Operations Center with expert-level oversight and analysis to help them ensure that critical threats in their unique environments are handled within SLA.
• Analyse events and logs showing malicious behaviour on customer machines through Trap results.
• Proactive (targeted) attack notifications sent to enrolled customers warning them of suspicious activity.
• Worked on critical threats: adversary, hands-on-keyboard, lateral movement, data exfiltration, etc. Could also be especially impactful: ransomware, overly advanced phishing, alert outbrea