
Sidhartha Sunkara

Threat Hunter
Kukatpally

Summary

Cyber-security enthusiast skilled in problem solving and communication. Highly adaptable self-learner with experience in threat hunting, malware analysis, reverse engineering and penetration testing.

Overview

7 years of professional experience
4 years of post-secondary education

Work History

Threat Hunter 2

Microsoft Corporation
12.2022 - Current
  • Conducted threat hunting on endpoints, exploring and correlating large data sets to provide timely alerts for customers.
  • Uncovered novel attack techniques and monitored changes in activity group tradecraft.
  • Leveraged knowledge of attacker tools, tactics, and procedures to improve customer security posture.
  • Collaborated with partners in data science and threat research to develop high-fidelity detection rules.
  • Secured first place in the company’s internal Capture the Flag event, which focused on Threat Hunting challenges.

Senior Security Researcher

Arete Incident Response PVT LTD
10.2021 - 11.2022
  • Conducted malware analysis and reverse engineering on suspicious files reported during forensic investigations and provided detailed analysis reports of findings.
  • Understood the TTPs of reported malware and authored YARA, SentinelOne EDR and Snort rules to enhance detection at various levels.
  • Wrote Python config extractors for malware families such as Cobalt Strike, Emotet, Hancitor and SquirrelWaffle, and authored an IDAPython deobfuscator script for "Goobfuscator".
  • Worked on ransomware incidents, categorizing the ransomware family involved and sharing findings on the threat actor.
  • Proactively monitored malware families and CVEs and performed threat hunting in client environments using the SentinelOne platform.
  • Assisted in setting up CAPE Sandbox in Arete's Environment.
  • Contributed to Arete's technical blog.

Security Researcher

Trellix (Formerly FireEye)
05.2019 - 09.2021
  • Handled all types of customer escalations (FPs, FNs, TNs) for various FireEye appliances.
  • Identified the issue behind FNs/FPs related to malware, vulnerabilities and phishing/spam emails and provided POC/RCA to customers.
  • Wrote generic SpamAssassin rules on email headers/body content to detect spam and phishing campaigns.
  • Dissected malicious programs with disassembly and debugging tools such as IDA and x64dbg for in-depth analysis.
  • Worked on malware campaigns such as LodaRAT, ObliqueRAT, Emotet and ransomware, and provided generic fixes at the host and network level.
  • Identified patterns shared across malicious files of the same variant/family and added generic signatures for detection at multiple levels (ClamAV, YARA, Snort).
  • Gave knowledge-transfer (KT) sessions on new tools and techniques such as analyzing HWP files, VBA stomping, TShark and shellcode analysis.
  • Proactively hunted for new malware via Twitter feeds and VirusTotal hunting, and added the necessary YARA/Snort coverage to detect these files.
  • Trained interns on Malware analysis.

Threat Researcher

K7 Computing Private LTD
06.2018 - 04.2019
  • Handled customer escalations (false positives and false negatives for PE and non-PE files) and provided root-cause analysis.
  • Conducted malware analysis and reverse engineering on suspicious files and produced detailed reports of findings.
  • Identified patterns shared across malicious files of the same variant/family and added generic signatures for detection at multiple levels.

Internship Student

NCIIPC
01.2018 - 05.2018
  • Categorized real-world samples provided by the organization into malicious and non-malicious files and suggested patterns for generic detection.
  • Pen-tested web applications hosted by the organization and shared a bug report of the vulnerability findings with the team.

Education

Bachelor of Technology - Computer Science Engineering

Manipal University
Jaipur
06.2014 - 06.2018

Skills

Malware analysis

Threat Hunting

Reverse Engineering

IDS/IPS

KQL

SIEM

Additional Information

  • Certifications: Certified Red Team Professional (CRTP)
  • Programming Languages: C, Assembly language, VBScript, Python, PHP, JavaScript.
  • Software: Visual Studio, Eclipse, Microsoft Office, VirtualBox, VMware, SentinelOne EDR
  • Tools: Process Monitor, Process Explorer, Resource Hacker, Regshot, IDA, OllyDbg, GDB, ILSpy, BinText, CFF Explorer, Wireshark, Burp Suite, Redline
  • Security Information and Event Management (SIEM): Sumo Logic (Cloud Events), Microsoft Sentinel (formerly Azure Sentinel), Elastic Stack (Elasticsearch, Logstash, Kibana), Microsoft Defender for Endpoint
  • Operating Systems: Windows, macOS, Linux


Timeline

Threat Hunter 2

Microsoft Corporation
12.2022 - Current

Senior Security Researcher

Arete Incident Response PVT LTD
10.2021 - 11.2022

Security Researcher

Trellix (Formerly FireEye)
05.2019 - 09.2021

Threat Researcher

K7 Computing Private LTD
06.2018 - 04.2019

Internship Student

NCIIPC
01.2018 - 05.2018

Bachelor of Technology - Computer Science Engineering

Manipal University
06.2014 - 06.2018