About

🐸 What’s the Story Behind the Name ‘Frogy’?

During an epic gaming session in the hot, muggy Indian nights of my engineering days, I pulled off some of the most amazing jump shots my teammates had ever seen in Counter-Strike. Against all odds, I landed these leaps perfectly, and my teammates started calling me “Frog” for my jumping skills.

The name stuck, but it also held a playful connection to a family joke my mom used to make about me “jumping from one thing to another,” especially during study sessions. Over time, ‘Frogy’ became a badge of honor, symbolizing my dynamic energy, both in gaming and later in cybersecurity.

🧑‍💻 Who am I?

Cybersecurity professional with 13 years of experience, excelling in vulnerability management, threat intelligence, penetration testing, and attack surface management. I’ve worked with diverse clients across the globe, from small consulting firms to large retail organizations. Proud holder of a Master’s in Cybersecurity and multiple industry certifications.

🔑 Core Competences

• Risk-Based Vulnerability Management
• Penetration Testing & Red Teaming
• Attack Surface Management
• Cyber Threat Intelligence
• Detection Engineering (SIEM/Threat Hunting)

💻 Technical Skills

• Languages : Bash/Unix Shell, Rubber Ducky Script, HTML, MySQL, YAML
• Methodologies : OWASP Top 10, NIST, OSSTM, MITRE ATT&CK Framework
• Tools : Nuclei, Httpx, DnSx, Amass, OWASP ZAP, SQLmap, OpenVAS, Nmap, Wireshark, Metasploit, Maltego, John-the-Ripper, Hashcat, Docker, GitHub, GitLab, Hybrid-Analysis, VirusTotal, Drozer, Frida, MobSF, Android Debug Bridge
• ELK (Elastic, Logstash, Kibana), Wazuh
• Commercial Solutions : CrowdStrike, Elasticsearch, Kibana, Splunk, Recorded Future, BurpSuite, Cobaltstrike, Digital Shadows, Kiuwan, Nessus, Nexpose, Acunetix, Netsparker, Kenna Security, Qualys, Tenable, CyCognito, Microsoft Endpoint Defender (MDE)

🏢 Work Experience

• Threat & Vulnerability Manager, Marks and Spencer (M&S) - UK
• Global Senior Vulnerability Management Analyst, TikTok - UK
• Security Engineering Manager, Tesco - UK
• Manager (Cybersecurity), KPMG - New Zealand
• Security Consultant, NotSoSecure - India
• Security Engineer, Zebpay (Cryptocurrency firm) - India
• Security Analyst, Lucideus - India
• Security Analyst, LetsNurture - India

🎓 Education

• MSc – Computer Security & Forensics, University of Bedfordshire, UK
• B.Tech – Computer Engineering, Gandhinagar Institute of Technology, India

🏅 Certifications

• OSCP, CEH, CTIA, CCFH, CCFA, SANS MGT516

🏆 Recognition & Other Highlights

• Technical reviewer of Cyber Resilience, authored by Coca-Cola CISO (via Packt Publication)
• Authored a course for EC-Council on Applied Attack Surface Analysis and Reduction
• Board of Advisors, Sri Sri School of CyberPeace Foundation
• Co-trainer, Mobile Application Hacking and Security at HackCon, Norwegian Cybersecurity Conference
• Contributed to CVE-2016-7786 & CVE-2020-35387
• Recognized in multiple Bug-Bounty programs

🚀 My Journey (Timeline)

• 2011 - India - Started as Security Analyst/Engineer in SMEs
• 2014 - UK - Completed MSc in Computer Security & Forensics
• 2014 - Norway - Co-trained at HackCon: Mobile Application Hacking
• 2016 - India - Discovered CVE-2016-7786 (Sophos UTM)
• 2017 - New Zealand - Joined KPMG as Cybersecurity Manager
• 2018 - Thailand - Participated into APAC Hacknet Conference in Bangkok
• 2020 - New Zealand - Discovered CVE-2020-35387 (EDT Web Application)
• 2020 - UK - Certified Threat Intelligence Analyst (CTIA)
• 2020 - UK - Certified CrowdStrike Falcon Hunter (CCFH)
• 2020 - UK - Became Security Engineering Manager at Tesco
• 2021 - UK - Published Course on Attack Surface Analysis (EC-Council)
• 2022 - UK - Technical Reviewer: Resilient Cybersecurity Book
• 2022 - UK - Joined as Senior Vulnerability Management Senior Analyst at TikTok
• 2022 - USA - Visited USA for 3 weeks on a TikTok project
• 2023 - UK - Began role as Threat & Vulnerability Manager at M&S

Thank you for taking the time to know more about me. Feel free to connect!