About Me
I’m a cybersecurity engineer who likes breaking systems and fixing them, preferably by automating the boring parts. My journey began when my own LinkedIn account got hacked - that’s a story for another time!
These days, my focus has shifted towards defensive security and incident response, while I still have a strong offensive foundation; but with the new AI world, I am doing things differently. I am particularly interested in how AI/LLMs could fit into the incident response cycle.
I spend a lot of time working with cloud security detection engineers on automation. I have created an AI-augmented security workflow, which is practical for threat modeling, host analysis, host isolation, and triaging, and is helpful for them. It also helps with decision support in SOC and IR pipelines.
Also, I do participate in CTFs, learn new technologies, and write many blogs. I'm also active in Hack The Box seasons (my peak was a global rank of 144). Honestly, this offensive security keeps my defender mindset honest, and I know how an attacker thinks.
I learned by building, documenting, and automating. If it is something related to security, cloud, or detection, or a bit of everything, then I am probably working on it. Currently, I am working on something very special, and I will be sharing it soon.
Education
Formal training in cybersecurity and cloud engineering, with the offensive foundations behind my defensive work.
Master of Engineering in Cybersecurity
Graduate Certificate in Cloud Engineering
University of Maryland - College Park
Bachelor of Technology in Information Technology
Birla Vishvakarma Mahavidyalaya
Work Experience
Security work shaped by testing, monitoring, incident handling, and practical remediation.
Junior Penetration Tester
EVE Healthcare Centers
- Identified a critical Broken Authentication vulnerability enabling account takeover via an internal portal.
- Demonstrated real-world impact by exposing unauthorized access to PII of 1,000+ users.
- Assisted the incident handling team with triage, root cause analysis, and containment, reducing exposure within 24 hours.
- Supported enforcement of role-based access control (RBAC) to prevent lateral movement.
- Partnered with IT and compliance teams to deliver business-aligned remediation guidance.
Information Security Administrator
Virtual Testing Foundation
- Monitored security events using SIEM platforms (Splunk / ELK) to identify attack vectors and perform root cause analysis.
- Simulated adversary techniques using BloodHound and applied STRIDE-based threat modeling to strengthen network security posture.
🛠️ Technical Skills
Implementation languages and scripting tools used for automation, security tooling, analysis, and exploit development.
- Python
- Bash
- PowerShell
- Shell Scripting
- JavaScript
- SQL
- C/C++
- x86/x64 Assembly
The area closest to my current focus: investigation flow, signal quality, and incident decision support.
- Incident Triage
- Root Cause Analysis
- Log Analysis
- EDR Concepts
- Alert Tuning
- Attack Chain Analysis
Identity and access topics that matter for both offensive pathing and defensive hardening.
- AD Internals
- Kerberos Authentication
- Delegation Abuse
- Priv Esc Paths
- BloodHound Analysis
Threat-led design work focused on abuse cases, architecture choices, and attack surface visibility.
- STRIDE
- Threat Modeling for Cloud & Web Applications
- System Design Reviews
- Attack Surface Mapping
Application security work spanning common flaw classes and secure review of real-world systems.
- OWASP Top 10
- Business Logic Flaws
- API Security
- Authentication & Authorization Issues
- Secure Design Reviews
Cloud and deployment tooling tied to platform security, delivery pipelines, and automation-first workflows.
- AWS
- Azure
- Docker
- Kubernetes
- Terraform
- CI/CD Security
- Jenkins
- Microservices
Working fluency across the operating systems that show up in security engineering and investigations.
- Linux
- Windows
- macOS
The offensive foundation behind my current defensive and detection-focused work.
- Vulnerability Assessment & Penetration Testing (VAPT)
- Network & Web Application Testing
- Privilege Escalation & Lateral Movement
- LLM & AI Security Testing
The tools I reach for most across web testing, detection, visibility, investigation, and reverse engineering.
- Burp Suite
- OWASP ZAP
- Nessus
- Nmap
- Wireshark
- Splunk
- Elastic
- Microsoft Sentinel
- Zeek (Bro)
- Snort
- Ghidra
- Autopsy
- Cobalt Strike
- mimikatz
- x64Dbg