I'm a final-year BCA Honours student who'd rather build cloud security than study it. The project I'm proudest of maps AWS CloudTrail activity to MITRE ATT&CK and turns log noise into alerts an analyst can act on. The rest cover S3 threat detection, automated incident response, and phishing classification. Based in Bengaluru, India. Most of my time goes to building detection systems and working through hands-on security labs.
01 · MITRE ATT&CK Detection Engine · ATT&CK-MAPPED · GitHub ↗
It reads AWS CloudTrail logs and matches the activity against MITRE ATT&CK techniques, so a raw line like "CloudTrail was just turned off" comes out as a labelled alert an analyst can act on. The detection rules live as data, not code, so I can add a new one without touching the engine.
- 39 detection rules covering 20 ATT&CK techniques across 9 tactics
- Normalise → match → enrich with STIX metadata → build alert
- Coverage dashboard showing which techniques get caught and which slip through
Python · FastAPI · Pydantic v2 · Boto3 · MITRE STIX · pytest
02 · CloudScanner · AWS-NATIVE · GitHub ↗
It keeps an eye on your AWS S3 setup and pulls threat signals from CloudTrail and EventBridge. When something looks off, it scores the severity and alerts you over Slack or SNS.
- Continuous S3 misconfiguration scanning with CIS Benchmark mapping
- CloudTrail → EventBridge → Lambda → SNS detection pipeline
- Real-time Slack & SNS alerting with severity classification
Python · FastAPI · Boto3 · AWS Lambda · CloudTrail · EventBridge · SNS · Terraform
03 · AI-Powered SOAR Engine · SOC-READY · GitHub ↗
A SOAR prototype that ranks alerts by risk with a trained model, so the noise stops burying the ones that matter. It runs response playbooks on its own and logs every action for review.
- RandomForestClassifier assigns dynamic risk scores to cut alert fatigue
- Automated playbooks with conditional response execution
- Real-time Slack integration and SQLite audit logging
Python · Flask · Scikit-learn · Pandas · Chart.js · SQLite · Slack Webhooks
04 · MailFort · ML-POWERED · GitHub ↗
It reads incoming email, decides whether each one is benign, suspicious, or phishing, and pulls out the indicators that gave it away. A Flask dashboard maps the campaigns and lets you look up IOCs.
- IMAP email fetching with automated feature extraction
- TF-IDF and RandomForest classification pipeline
- Flask dashboard with campaign visualisation and IOC lookup
Python · Flask · Scikit-learn · TfidfVectorizer · Pandas · IMAP · urlextract
I work on mobile app development for a Japanese startup, with a focus on the security side: input validation, safer authentication flows, and protecting how user data gets stored.
Built with three teammates in 8 days. ChandaEngine teaches a machine the rules of Sanskrit meter: it classifies syllables, checks verses against 20+ classical meters, and handles the Vipulā forms used in the Mahabharata. FastAPI and Next.js, Sarvam AI for speech, all 21 tests passing.
Netā-Nomics, a platform that makes public spending easier to follow and harder to hide. Built with Next.js, FastAPI, PostgreSQL, and Google Gemini.
Reach out if you want to talk about cloud security, detection engineering, or the work I've built.