Red Hat Ruda Barar
Ruda OneTrust Vendor Risk Managment Expert
Ruda OneTrust GRC Professional
Ruda OneTrust Data Privacy Professional
CQI-IRCA ISO 27001 Lead Auditor
Certified Ethical Hacker
EC Council Security Analyst Trained
EXIN ISO 27001
IBM Cybersecurity Analyst

CQI-IRCA Registered ISO 27001 Auditor
Certified Ethical Hacker

Cyber Security Analyst

Ruda Barar

  • LinkedIn
  • Twitter
 

Hi, I am Ruda Barar...

I am an experienced cybersecurity professional, working at the intersection of security, businesses, technology and people. I am a trained & certified ethical hacker and security analyst from the EC-Council. I have cleared the CQI-IRCA Certified ISO/IEC 27001 Lead Auditor level and am an IRCA registered Auditor. I have also completed ISO/IEC 27002 Foundation certification. Furthermore, these industry qualifications are backed up by my education inclusive of a Master's degree in information security and a Bachelor's degree in information technology.

Key areas within information security where I have specific expertise, include privileged & regular identity access management, especially in context to Thycotic & Amazon Web Services. Also trained in access control, cloud governance principles, & networking fundamentals. I have also acquired professional training to understand the National Institute of Standards and Technology (NIST) privacy framework, PCI DSS: Payment Card Industry Data Security Standard, & the HIPAA data & information security framework.

Ruda Information Security Analyst

LinkedIN

Ruda Barar

EC-Council CEH Certified | CQI-IRCA Registered ISO 27001 Auditor | ECSA Trained | Master of Technology (M.Tech) in Information Security

 
 

My Credentials...

CEH
ISO 270001
ECSA
IBM

Certified Ethical Hacker (CEH)

Trained​ to use novel commercial-grade tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack a website, organization or server. Well versed with the most prominent 18 attack vectors, including the IoT hacking, OWASP Top 10, APT, Analyzing vulnerabilities, API threats through the web, file-less malware, & web shells. Improve your exploit development by learning about existing and new vulnerabilities from the elementary level. Get exposure to the latest technologies, such as OT Technology, Container Technology. Worked on exploit development through researching about existing and new vulnerabilities from the ground level up, with relevant exposure to new tech, such as OT Technology, & Container Technology. I have also worked on some of the latest malware analysis tactics used for preventing or investigating financial  malware, ransomware, IoT botnets, OT & android malware. I have acquired relevant understanding of the taxonomy of file-less malware threats, obfuscation techniques to

Ruda Barar Certified Ethical Hacker

bypass an antivirus, launching such an attack through script-based injection, or phishing, and have trained on aspects required to defend against intrusions like these. Through this certification I have specific knowledge of various ethical hacking phases, key attack vectors, and important preventative countermeasures, which make me uniquely suitable to be in a position to work on cybersecurity projects including vulnerability detection, threat mapping setting up data security infrastructure and defending against various types of cyber attacks.

  • Some key aspects of the training & knowledge include:

    • Performing foot-printing and inspection using the latest techniques, which forms a vital pre-attack stage necessary in ethical hacking.

    • Scanning techniques & countermeasures for network attacks | Enumeration methods & countermeasures.

    • Analyzing and identifying security loopholes in a target organization’s communication infrastructure or network and end point systems.

    • Understanding steganalysis attacks, system hacking techniques & covering tracks to uncover system and network weaknesses.

    • Auditing internal systems for various types of malware including trojans, virus, worms, to identify or defend against malware attacks.

    • Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend sniffing.

    • Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and associated countermeasures.

    • DoS/DDoS attack tools & techniques to audit a target and associated countermeasures.

    • Intercepting & uncovering session hijacking methods to identify session management at the network level, access management & cryptographic vulnerabilities | Understanding and prevent attacks to web servers and audit risk exposures in web server infrastructure, along with relevant countermeasures.

    • Understanding wide-ranging web application hacking approaches to be able to audit vulnerabilities in these applications, & effectively prevent them.

    • Understanding SQL injection attacks and be able to use injection detection tools to identify and prevent SQL injection attempts.

    • Understanding attack vectors related to mobile platforms, various android vulnerability manipulations.

    • Understanding firewall, honeypot & IDS evasion methods, & tools to audit a network perimeter for vulnerabilities along with the knowledge to prevent them.

CEH is trusted by Fortune 500 Companies

To play, press and hold the enter key. To stop, release the enter key.

CEH is recognized by...

To play, press and hold the enter key. To stop, release the enter key.

 
 
InfoSec Insights
 
InfoSec Insights
IoT, Smart Devices, Cybersecurity

EC-Council

The Rise of An Era: IOT & Cybersecurity

The Internet of Things (IoT) is rapidly gaining momentum in various industries. Various organizations have been introducing IoT technology to consumer electronics and home appliances, resulting in the smart kitchen, which is gaining popularity among consumers. Along with technological advancement, a corresponding advancement of consumer knowledge and awareness must also be an integral part of the IoT evolution. Currently, there seems to be a gap between where the consumers are and where they should be to effectively combat the increased onslaught of cyber-threats.

Alerts, Security Suite, Simulators

IOSR Journal of Computer Engineering (IOSR-JCE)

Security Suite for IT and Telecom Industries

Security is the biggest concern nowadays faced by various companies as security threats are more prevalent. This „openness‟ is the reason because of which protecting networks and business data is even more difficult. The solution in response to this threat is to provide a single aggregated view of all the threats observed in the network, to prioritize them so the worst are dealt first. It can happen only through “Security Suite”. It offers insight of Front-end-Perimeter protection(FEP), Advanced Breach Detection(ABD), Distributed Denial-of –Service(DDOS) protection. But, what when they are not accessed from the same simulator. This paper refers to the working of Security Suite in real time, to provide a more user friendly working and reduce the tedious task of switching between simulators. It states how the products of the organization and the Security Suite can go hand in hand.