Welcome to Abhishek’s Security Lab
🛡️ Core Security Focus Areas
Bridging the gap between enterprise-scale security engineering and the emerging frontiers of Artificial Intelligence.
🤖 AI & Generative AI Security (GenAIsec)
Leveraging my experience in automated threat detection to secure the next generation of intelligent systems.
- LLM Red Teaming: Researching adversarial attacks against Large Language Models, specifically focusing on Indirect Prompt Injection (IPI) and jailbreaking methodologies.
- Securing the AI Lifecycle: Applying OWASP Top 10 for LLMs to audit model integration, focusing on Insecure Output Handling and Training Data Poisoning.
- RAG Architecture Security: Hardening Retrieval-Augmented Generation pipelines to ensure vector databases do not become vectors for unauthorized data exfiltration.
- AI-Driven Threat Detection: Building upon my work at Amazon to design automated systems that use pattern analysis to identify AI-generated fraud and malicious bot behavior.
🌐 Advanced Network & LAN Security
Deep-rooted expertise in securing enterprise-grade infrastructure and high-traffic networks.
- Zero Trust & Micro-segmentation: Transitioning legacy perimeters to identity-centric security models.
- Layer 2/3 Hardening: Implementing specialized defenses against DHCP starvation, ARP spoofing, and VLAN hopping.
- Network Forensics: High-fidelity packet analysis using Wireshark and TCPDump to identify sophisticated C2 (Command & Control) channels.
🔍 Security Operations & Engineering (SecOps)
Expertise drawn from monitoring 10,000+ systems and identifying 100+ Indicators of Compromise (IoCs).
- Automated Incident Response: Developing playbooks and SOAR workflows (Splunk/XSOAR) to reduce alert fatigue and increase MTTR (Mean Time To Respond).
- Cloud Security Posture (CSPM): Managing IAM roles, root key rotations (AWS), and securing cloud migrations for mid-to-large scale organizations.
- Vulnerability Management: Orchestrating enterprise-wide patching and scanning (Nessus/Qualys) across 5,000+ endpoints.
🛠️ Technical Arsenal
- Tools: Splunk, Cortex XSOAR, CrowdStrike, Sentinel One, Burp Suite, Nmap.
- AI/GenAI: Garak (LLM Scanner), LangChain Security Patterns, Python-based Adversarial Testing.
- Forensics: Autopsy, FTK Imager, Mandiant Redline, Volatility.
- Cloud: AWS (Certified Security specialty patterns), Azure, Google Chronicle.