Siva Shankar Kalahasthy

Siva Shankar Kalahasthy

Senior Security Consultant

KPMG

About Me

Hi my name is Siva Shankar Kalahasthy working as a Cyber Security Consultant with an experience 0f 6+ years in Security Domain. I have expertise in DevSecOps and Cloud Security. My primarily focuse on research, specifically in the areas of developing training content for DevSecOps and Cloud Infrastructure Hacking. My responsibilities also involve testing, as well as developing and reviewing training content for prominent cybersecurity events such as Blackhat and Nullcon.

My experience has provided a comprehensive understanding of the Software Development Life Cycle (SDLC), spanning from design to deployment. These foundation has been a road map for enhancing security through various technologies such as Cyber Security (WAPT & VAPT), DevOps (git commit to Auto deployment in AKS), and Quality Assurance (LSP testing, functional testing). Additionally, serving as Scrum Master contributed to the growth of the IT field, emphasizing the importance of transparency, team support, and trust for personal improvement.

Interests
  • Cyber Security
  • DevSecOps
  • Cloud Security
  • Azure DevSecOps
  • Static Application Security Testing (SAST)
  • GitOps
  • Team Leadership/Management
Education

  • Masters in Cyber Security, 2018

    International Institute of Digital Technology

  • BTech in Computer Science Engineering, 2016

    SRKR Engineering collage

  • Inter in MPC, 2012

    Narayana Inter collage

  • 10th in SSC, 2010

    KVR Talent School

Skills

Technical
DevSecOps
Cloud Security
Pentesting
Hobbies
Traveling
Photography
Reading

Professional Journey

 
 
 
 
 
KPMG
Senior Security Consultant
KPMG
September 2024 – Present Bangalore

Responsibilities include:

  • Team size: 5
  • Risk Assessments
  • Cloud Security
  • DevSecOps
 
 
 
 
 
Claranet
Cyber Security Consultant
Claranet
July 2021 – October 2023 Permanant-WFH

Responsibilities include:

  • Team size: 5
  • DevSecOps
  • Cloud Security
  • Research and Development
  • Job Role involves :
    • Designed and Devloped fully automated Secured SDLC in Azure
    • Blueteaming for Cloud Security
 
 
 
 
 
coMakeIT part of Xebia
Cyber Security Engineer
coMakeIT part of Xebia
August 2019 – June 2021 Hyderabad

Responsibilities include:

  • Client: Iddinkgroup
  • Team size: 9
  • Projects: DMCT, Iddinkhub, SCIM and STUB
  • Job Role involves :
    • Web Application Penetration Testing (WAPT)
    • Vulnerability Assessment & Penetration Test (VAPT)
    • DevSecOps design and implementation
    • Scrum Master role performing Agile methodologies with in the team
    • LSP testing for web application
 
 
 
 
 
coMakeIT part of Xebia
Associate Cyber Security Engineer
coMakeIT part of Xebia
March 2018 – July 2019 Hyderabad

Responsibilities include:

  • Client: Iddinkgroup
  • Projects: Digital Media Consumption Tracker (DMCT), IDDINKHUB
  • Team Size: 4
    • Performed web application security testing.
    • Automating the code analysis using SonarQube.
    • Deploying the products into Azure Kubernetes service(AKS) by Semi-Automation.
    • Design and Implemented Distributed test environment for LSP testing
  • Researcher in Technology Innovation Center (TIC)(March 2018 - May 2018)
    • Worked on AI/ML and developed Facial recognition System using Tensor flow.
 
 
 
 
 
coMakeIT part of Xebia
Cyber Security Trainee
coMakeIT part of Xebia
December 2017 – March 2018 Hyderabad

Responsibilities include:

  • Volunteered and Participated in OWASP meeting hosted within organization.
  • Conducted some training session on awareness of Cyber security in todays world.

Accomplished

coursera
This covers storage, Cloud economics, managed infrastructure levels, Azure services, Cloud deployment models, hosting scenarios, cloud platform comparison, and the future of cloud computing.
See certificate
Splunk Infrastructure Overview
Splunk Jun 2020
Splunk Infrastructure Overview
See certificate
Splunk 7.x Fundamentals Part 1
Splunk Jun 2020
Splunk Fundamentals
See certificate
ICSI | CNSS Certified Network Security Specialist
ICSI Jun 2020
CNSS Certified Network Security Specialist
See certificate
Fortinet NSE 1 The Threat landscape
Fortinet Jun 2020 – Jun 2022
Fortinet NSE 1 The Threat landscape gives the information about the cyber security threats that organizations are facing today.
See certificate
Fortinet’s Network Security Expert certification
Fortinet Jun 2020 – Jun 2022
You will learn about the types of security products that have been created by security vendors to address those problems.The completion of all lessons and associated quizzes in this course completes the requirement to obtain the NSE 2 level certification.
See certificate
Professional Scrum Master I
Scrum.org May 2019
PSM I certification holders showcase foundational Scrum mastery, understanding Scrum Guide principles and effective application within Scrum Teams with consistent terminology and approach.
See certificate

Recent Posts

Common Threats in Information Security: A Professional's Insight
In today’s digital landscape, cyber threats are constantly evolving. As a seasoned cyber security professional, I delve into common threats such as phishing, malware, and insider threats, providing insights on how to mitigate these risks. Implementing effective strategies is crucial to protecting sensitive information and maintaining a robust security posture.
Siva Shankar Kalahasthy
Last updated on Jun 29, 2024 4 min read CyberSecurity, Infosec100series
Common Threats in Information Security: A Professional's Insight
Cybercrime Awareness: Protecting Yourself in the Digital Age
Essential Cybercrime Awareness and Prevention: Protect Yourself in the Digital Age
Siva Shankar Kalahasthy
Last updated on Jun 29, 2024 13 min read CyberSecurity
Cybercrime Awareness: Protecting Yourself in the Digital Age
Introduction to Cryptography: Unveiling the Science of Securing Data
Delve into the fascinating world of cryptography, from ancient ciphers to modern encryption techniques. Understand the core concepts and types of cryptography, and discover how it secures online transactions, personal communications, and sensitive information in today’s digital age.
Siva Shankar Kalahasthy
Last updated on Jun 29, 2024 5 min read CyberSecurity, Infosec100series
Introduction to Cryptography: Unveiling the Science of Securing Data
Introduction to Information Security: A Beginner's Guide
In this blog post, we explore the fundamentals of information security and its importance in todays digital age. We discuss common security concepts and the CIA triad as the foundation for protecting sensitive data, ensuring business continuity, and preventing cyber threats. As technology advances, staying informed about information security is key to navigating the digital landscape safely.
Siva Shankar Kalahasthy
Last updated on Jun 29, 2024 3 min read CyberSecurity, Infosec100series
Introduction to Information Security: A Beginner's Guide
Risk Management in Information Security: A Proactive Approach to Safeguarding Your Digital Assets
Effective risk management is crucial for protecting an organization’s information assets. This blog covers essential strategies for identifying, assessing, and mitigating cybersecurity risks. Learn proactive and adaptive approaches to safeguard your digital assets and maintain stakeholder trust.
Siva Shankar Kalahasthy
Last updated on Jun 29, 2024 4 min read CyberSecurity, Infosec100series
Risk Management in Information Security: A Proactive Approach to Safeguarding Your Digital Assets
See all posts

Projects

*
All DevSecOps CyberSecurity Research
STUB
STUB is a mock service, where we can configure the responses and error messages.
Follow
STUB
System for Cross-domain Identity Management
The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in cloud-based applications and services easier.
Follow
System for Cross-domain Identity Management
IDDINK-HUB
IDDINKHUB is the bride between the two counter parties where schools want to get the student and teacher information from the education software.
Follow
IDDINK-HUB
Digital Media Consumption Tracker (DMCT)
Digital Media Consumption Tracker(DMCT) is the internal tool within Iddink group company which monitors all the traffic flow of the learning materials who have the licenses within the Iddink products(study materials).
Follow
Digital Media Consumption Tracker (DMCT)
Explore on Securing Development and operations (Web Application Security)
Enterprises aiming for rapid Internet-based service deployment emphasize Continuous Delivery, ensuring swift and safe integration of changes. In the web application development process, security threats necessitate preemptive measures, including penetration tests, to uphold throughput, stability, and overall application performance.
Follow
Explore on Securing Development and operations (Web Application Security)
IMPLEMENTATION AND PREVENTION OF ADVANCED USB ATTACKS (Network Security)
This project is a holistic approach for attacking using advanced USB devices and defending Mechanisms.
Follow
IMPLEMENTATION AND PREVENTION OF ADVANCED USB ATTACKS (Network Security)
ANDROID FORENSICS & PENETRATION TESTING
Android Forensic ensures Nandroid backup of android, Reverse engineering for application (ex: WhatsApp) and application penetration testing.
Follow
ANDROID FORENSICS & PENETRATION TESTING

Gallery

20190107-wa0004.jpg
20190211-wa0014.jpg
20190218-wa0004.jpg
img-20190309-wa0015.jpg
img-20190309-wa0028.jpg
img-20200218-wa0024.jpg
img-20200218-wa0055.jpg
img-20200307-wa0006.jpg
img-20200314-wa0002.jpg
jsr_0074.jpg
z1.jpg
z2.jpg
z3.jpg

Popular Topics

BasicsofInformationSecurity CyberSecurity DevSecOps InformationSecurity Infosec100series KaliLinuxTools Research Source Themes Travel

Contact