Rajat Swarup is an information security researcher having immense experience in breaking security within the realms of law.  An “Ethical Hacker” by profession (I know everyone is) , a cricket/trance music lover by nature, he’s always trying to find out the answer to the questions : How? Why?

Rajat finished his Masters from University of Southern California, Los Angeles and soon left the beautiful Southern California to pursue his love for computer security research where he worked with the Advanced Security Centers, New York, Ernst & Young LLP.   After working with E&Y for a couple of years, Rajat joined VeriSign Global Security Consulting which was acquired by AT&T Consulting Solutions, Inc. in October 2009.  Thereafter, in January 2016, Rajat joined a financial services company where he heads the Application Security Group for an asset management firm in New York City.

During his consulting days, Rajat spent most of his time helping Fortune Top 100 customers with their information security needs from penetration testing (network, wireless, war dialing, reverse engineering), web application security assessments,  social engineering assessments, Payment Card Industry Assessments (PA-DSS and PCI DSS), Federal Trade Commission (FTC) assessments, database and network security architecture reviews, security configuration reviews for routers and switches, web application security code reviews, teaching classes for awareness of OWASP Top 10 to developers, performing forensics investigations,  breaking security of anything, etc.

Rajat enjoys solving problems using code using languages such as C/C++, C#, Perl, Python, and even Unix bash scripts.   Like most security people, Rajat believes that automating things to reduce time for testing for security vulnerabilities leaves people with more time to come up with newer, better and more efficient ideas.

This blog is an attempt to share the information that might be helpful to anyone.