Dhruv Shah Principal Security Consultant and Trainer
Role
Dhruv has been with NotSoSecure since 2017 and has worked on security issues with a broad range of clients, including major banking, finance and media companies. This work involves web and application penetration testing and network assessments. He is also involved in Red Team assessments appraising system and network vulnerabilities with little or no prior knowledge of them. His trainer work has involved running courses at BlackHat Chicago and researching and updating the NotSoSecure Advanced Web Hacking training course. His trainer work has involved running courses at Black Hat Chicago in 2018 and Black Hat USA 2019.
Background
Dhruv holds a Master’s degree in IT and has seven years’ specialist experience in Information Security. He started off as a trainer sensitising staff in private sector organisations about security issues and what hackers look for when they launch attacks on networks. He then moved employers where he carried out penetration testing work in Indian government agencies and then at banking clients in the Middle East. He now has extensive penetration testing experience for Fortune 500 companies involving web and mobile applications, networks, Infra and Red Team work. In his spare time, he co-authored the book “Kali Linux Intrusion and Exploitation” and is an active member and moderator of one of the Null chapters in India.
Passion
From an early age, Dhruv was fascinated by the inner working of things, taking them apart and finding out how they really worked. This passion directly led to his work in later years in Information Security. He derives huge professional satisfaction by helping companies make their systems and networks more secure by sharing the results of his penetrating testing and providing concrete preventative solutions. By showing them how malicious hackers can exploit flaws and vulnerabilities, he knows he is enabling them to go about their everyday business in the most secure way possible. When not engaged in client work, he maintains his skills and knowledge by carrying out interesting and unusual types of penetration testing and researching new methods to break into applications and systems.