Priya Ramaswamy

Priya is a threat hunter who spent four years at CrowdStrike on the OverWatch team chasing eCrime intrusions on Linux endpoints, then moved to a mid-size SaaS company in 2023 to build out their detection engineering function from scratch. Her day job is writing Falco rules, tuning auditd, and arguing with developers about why curl-piped-to-bash in a Dockerfile is not, in fact, fine. She's GCFA and GCIH certified, contributed a handful of Sigma rules to the public repo, and gave a talk at BSides Bangalore on detecting Kinsing miner infections through cgroup anomalies. Before security she did three years as a Linux sysadmin at Flipkart's logistics arm, which is where she learned that most "sophisticated APT activity" turns out to be a forgotten cron job running as root.

Artikelen van Priya Ramaswamy