BHAVKARAN SINGH CHAHAL
- Information security enthusiast with industry level certifications and a strong interest in penetration testing and offensive security.
- Strong background in security tools, emerging technologies, processes and best practices.
- An author of ReconSpider an Open-Source Intelligence (OSINT) security tool on GitHub.
- Reported Security Vulnerabilities in Netherlands Government, Dell, Sophos etc.
Networking: Storage Networks, Network Security, Server Networks, IP Protocols, LAN/WAN Switching, Troubleshooting.
Security Assessment: SAST, DAST, VAPT, Open-Source Analysis, OWASP top 10, Mitre Att&ck Framework, SANS top 25.
Operating Systems: Ubuntu, CentOS, Kali Linux, MacOS, Windows Servers.
Cloud/DevOps technologies: Docker, CI /CD, Azure, Web Server, AWS Cloud, Python, Bash.
Security & Testing tools: Snyk, BloodHound, Veracode, Burp Suite, Tenable.io, Nmap, gobuster, ExtraHop, Metasploit, OWASP ZAP, Netsparker, Postman, Wireshark etc.
CERTIFICATIONS & TRAININGS
eJPT - eLearn Security & INE - Jan 2022
Cyber Security Essentials - Cisco - Jun 2021
Unix Badge - Pentester Lab - Apr 2020
Learn HTML - Codecademy - Oct 2018
Applied CS with Android - Google - Sept 2017
AFCEH 9.0 - Talent Edge Bangalore - Oct 2015
Application Security Analyst - Gore Mutual Insurance, Ontario, Canada - Aug 2021 - Present
- Conducting source code reviews using Veracode and Snyk, triaging and reporting vulnerabilities, guiding developers with vulnerability remediation.
- Performing automated and manual vulnerability assessments and penetration tests on web applications, networks and infrastructure.
- Conducting focused research on newly identified threats and vulnerabilities.
- Providing recommendations on system patching, hardening of web application and servers to mitigate potential risks.
Application Security Tester - Saluber MD LLC., Remote - Aug 2020 - July 2021
- Experience with managing an enterprise level SIEM platform.
- Strong understanding of variety of IT systems, applications and configurations.
- Prioritizing and classifying bugs according to severity.
- Familiarity with basic reverse engineering principles.
Network and Cyber Security Analyst - EH1 Infotech, Mohali, India - Jan 2019 - Oct 2019
- Responsible for monitoring and debugging network connectivity issues using Wireshark for packet analysis.
- Analyzed Security of an IT development firm, tested the vulnerabilities, securing the site from threats.
- Configured Microsoft Windows servers, setup and deployed domain controllers, VMs & Active Directory.
- Performed VAPT and provided recommendations to management on Security implementation.
Security Consultant Intern - Supive Technologies Chandigarh, India - Jun 2018 - Dec 2018
- Implemented best practices of securing the overall web-applications.
- Responsible for securing the web applications of an online business module.
- Performing vulnerability assessment and penetration testing on projects.
Founder and Leader - Security and Research Community - SECARMY - Feb 2019 - Jan 2020
- Organizing Capture-The-Flag (CTF) competitions.
- Writing security concerning blogs and posts.
- Making podcasts with security researchers around the world.
- Broadcasting cyber security-related conferences & webinars.
Volunteer Team Leader - Intersquad Cyber Intelligence New Delhi, India - Mar 2018 - Apr 2018
- Worked remotely in the Security Team of Inter Squad Cyber Intelligence.
- Tested web-applications and reported various bugs/vulnerabilities.
- Organized a hackathon based on cybersecurity for attendees.
- Supervise the whole conference as a team manager.
Attestation of College Studies in Computer Science and Software Testing - 2020 - 2021
Matrix College of Management Technology and Healthcare Inc - Montreal, QC
- Major in Computer Science; Minors in Software Testing
- Cumulative GPA: 4.0/4.0; (Top 10% of class)
- Relevant Coursework: Software Development; Operating Systems; Algorithms
Diploma in Computer Engineering (Verified by WES) - 2015 - 2018
Chandigarh Polytechnic College - Punjab, India
The Tribune Newspaper - WanaCry Ransomware Research
Covered in news article on The Tribune Newspaper for spreading awareness regarding removal of WannaCry ransomware and protecting personal files by creating a system restore point.
National Cyber Security Center - Reported bug in Netherlands Government Website
Bugcrowd - Hall of Fame - Reported bugs in Companies like Dell, Sophos, DarkMatter etc.
Recon Spider - Open Source Intelligence Framework (GPL-3.0 License)
Recon Spider is most Advanced OSINT Framework for scanning IP Address, Emails, Websites, Organizations and find out information from different sources available on the internet about the target.