Daniel Sarica

Developed a secure network design standard that generated over $200,000 for an outsourcing company that implemented it for its customers. I provided a general blueprint that could be deployed to multiple customers.

As a cybersecurity expert, I developed a unique "Secure Network Design" standard. This initiative was grounded in my deep understanding of the evolving threat landscape and the need for robust, secure networking solutions that would protect the integrity of sensitive data and ensure seamless operations for businesses.

This standard was a comprehensive blueprint for building a secure network infrastructure that could withstand diverse cyber threats. It considered several critical factors, including network segmentation, firewall configuration, intrusion detection systems, secure VPNs, end-to-end encryption, multi-factor authentication, and adherence to the latest cybersecurity protocols.

Realizing the immense potential of this standard, an outsourcing company decided to adopt it. This company was a prominent player in the IT sector, providing services to a wide range of clients globally.

The standard was implemented across all their services. It became a significant selling point for the company, appealing to the growing cybersecurity consciousness among businesses.

As a result, the company saw a significant uptick in revenue, generating over $200,000 in additional profits.

The scope of this project was to check the security of the SaaS Startup before it went live. They were expecting contracts from big-name companies like Meta, Google, and Adobe.

They were expecting those companies to ask for penetration testing (pentest) before they added their data within the SaaS startup environment.
• Planning and preparation: Create pentest scope and goals, set up Burp Suite and Tenable, whitelisted IPs, and outlined procedures and timelines.
• Discovery: Utilized Tenable for vulnerability scanning and Burp Suite for reconnaissance and application-level vulnerability detection.
• Attack: Conducted manual attack attempts using Burp Suite, focusing on business logic errors and documenting the outcomes
• Post-attack analysis: Determine the efficacy of current security measures and where improvements can be made.
• Reporting: Created a detailed pentest report, highlighting critical vulnerabilities, successful attack vectors, and providing recommendations.
Key vulnerabilities resolved included remote code execution (RCE) enabling full back-end server control, blind SQL injections, and XXE injection.

As a cybersecurity professional, I successfully deployed a Security Operation Center (SOC) using open-source tools, including Wazuh, OSSEC, Ansible, and AWX. This project was designed to enhance our cyber-defense capabilities while also considering cost efficiency.

Wazuh, an advanced intrusion detection system, and OSSEC, a host-based intrusion detection system, were key components in our SOC set up. They provided comprehensive security monitoring and alerting, ensuring suspicious activities were swiftly detected and responded to.

Ansible was used to automate the deployment and configuration of these tools, ensuring consistency and reducing manual errors. Its web-based counterpart, AWX, made it possible to manage and control our Ansible playbook runs in a more user-friendly way.

Using these open-source tools, as opposed to expensive commercial alternatives resulted in substantial cost savings. The project saved the company approximately $100,000, a testament to the financial viability of utilizing open-source solutions without compromising on security efficacy.