I am passionate about cloud security risk analysis, threat detection & incident response. The interplay between security automation and chaos engineering fascinates me. At the core of my drive is the desire to design and maintain tools that ensure security and resiliency in cloud native environments. Thus, my research and experience has spanned across these areas.
As an Information Security Engineer at data4life (a HealthTech company), I am responsible for several cloud security tasks such as vulnerability management, security monitoring and incident response.
Research and development of techniques and tools for providing security for public cloud infrastructure in collaboration with our industrial partners: Bundesdruckerei and neXenio. Have a look at my academic papers on my ResearchGate profile and on Google Scholar
This project is implemented as a Proof-of-Concept for several related aspects of my doctoral research. The projects cover topics revolving around risk assessment in cloud infrastructures.Github repo:Microservices Discovery using Client Side Discovery concept
This project extends the previous one, by developing a jenkins plugin to enable direct integration with aka Test Driven Security. Thus, security testing is automated for both applications and docker container images.Github repo: Security Integration in Cloud Application Development
Prototype system for automated threat detection and incident response in multi cloud storage systems. The system is based on our academic paper: SlingShot - Automated Threat Detection and Incident Response in Multi Cloud Storage Systems
A cloud security system that based on the principles of Chaos Engineering, however the focus is on Security. More details are contained in our research paper: Security Chaos Engineering for Cloud Services