Welcome! I live in Sunnyvale, CA and graduated from UC Berkeley with a CS degree in 2018.
Reach me at
. Find me on
I graduated from UC Berkeley with a BA in Computer Science in December 2018 (in 2.5 years!). I was a
I was on our
team. My 1st year, our team qualified for
, but not for nationals. My 2nd year, we didn't qualify for WRCCDC :(
I taught a couple workshops, helped organize info-sessions with companies on campus, and participated in many CTFs during the weekends.
I traveled to the University of Cambridge, UK for a network attack/defense competition, where I placed 2nd individually
"Titans of Cybersecurity" DeCal (Spring 2018)
Cal only has 1 undergrad security class, so I founded a 1-semester, student-run speaker series to teach students about security in real-world orgs.
I cold emailed ~100 CEOs, startup founders, and heads of government agencies to invite them to speak.
(Stack Overflow co-founder),
(former head of
(VP of Product Mgmt,
Trusted Computing Lab | Undergrad Research Assistant
Almost no key-value stores can encrypt data in memory, meaning an attacker can scrape data from the memory of the server running the store.
Built a key-value store in C that stores a symmetric key in a secure enclave and uses it to encrypt/decrypt data on writes/reads
Used a C library for
, a PhD student under
Prof. Sanjit Seshia
Application Security Intern, Yelp (May-Aug 2018)
to an admin app that 4000+ salespeople use daily to collect payment info from every business that registers for Yelp advertising
This app was likely Yelp's largest threat vector, as it stored highly sensitive data but used single-factor, password-based auth
Downtime would stop Yelp from receiving any new revenue at all, so I rolled code out gradually with feature flags
, Pyramid web framework
Incident Response Consultant,
Taught myself enough DFIR in 4 weeks to somehow get hired at Mandiant!
Did digital forensics for investigations of data breaches, business email compromises, ransomware attacks, webshell uploads, and more for our clients
Built timelines of infected Windows and Linux systems by analyzing logs and forensic artifacts
Conducted frequency analysis, IOC hit review, and intel searches to proactively hunt for threats during compromise assessments
A security automation startup I launched in college. We interviewed at
twice (but never got in!)
Built a ticketing tool for handling security alerts, which let you run common tasks like "look up IP in VirusTotal" or "create forensic VM in AWS" in 1 click
Integrated chat, dark mode, 15+ integrations, REST API, admin site, keyboard shortcuts, JSON export
Built with Django, Django REST Framework, React, BlueprintJS, Styled Components, TypeScript
At Mandiant, we tracked incidents using a spreadsheet and a chat channel. To stay up to date on an incident, you had to monitor a 30-40 person chat room continuously.
Incidents is a web app for organizing large security incident investigations. It models an incident as a tree of tickets
Can assign a ticket to a user; add indicators/files/comments to a ticket; set a ticket's status and priority; restrict who can access an incident; mark a ticket as a lead.
Can rearrange an incident's tree using HTML5 drag and drop
Built with Rails, Bulma, Devise, jQuery
I read a lot of papers and books on security and upload my notes to
Here are some of my notes:
Notes on the "Web Application Hacker's Handbook"
Notes on "Experimental security analysis of a modern automobile" paper
Notes on the ATT&CK framework
Guide to malware analysis
Software design principles
Notes on "Computer Forensics and Incident Response"
"Exploiting medical devices" (BlackHat 2018 talk)
Notes on a couple security vendors' SEC filings