Nitin Goplani OSCP, CREST CRT, CISSP, CBSP, CCNSE, CTMP
دبي الإمارات العربية المتحدة
٨ آلاف متابع
أكثر من 500 زميل
نبذة عني
That high, 10yrs back, when I discovered that first SQL injection vulnerability and for the first time saw the look on the developers face as I explained to him how I could compromise his DB using a simple edition to his SQL query via this simple utility called "Burp", I knew I wanted to feel that HIGH & that sense of satisfaction, again and again, every day.
Since then I have made it my career goal to learn and stay "ahead of the curve" in multiple areas of Product Security, including Application Security testing, mobile security, and network security.
At the risk of the sounding narcissist, this zeal led me to not only be listed on 1000+ (yes thousand plus) Hall of Fame's like Facebook, Google, LinkedIn, Twitter, Yahoo, eBay, Tesla, Uber, Salesforce, Swift, PayPal, most major Banks and Financial institutions, most Blockchain solutions, but this also helped me to be the Top Bug Bounty Hunter on the following platforms:
2015 11th Rank HackerOne (Worldwide)
2015 - 2017 1st Rank Synack Crowd Security Platform (Worldwide)
2016 - 2017 3rd Rank BugCrowd Crowd Security Platform (Worldwide)
2017 HBO Hack the World Winner
2017 – 2019 3rd Rank Cobalt Crowd Security Platform (Worldwide)
2020 1st Rank SlowMist Blockchain Crowd Security Platform (Worldwide)
2020 1st Rank Amazon Souq Hall of Fame (Worldwide till date)
Public CVEs:
CVE-2019-7356 & CVE-2019-7357
I have tried sharing my knowledge via my various articles and have been interviewed by multiple publications the latest one here:
https://mp.weixin.qq.com/s/u7I1ZAveHCMbxbCl23KJ_Q
https://twitter.com/qlcchain/status/1152146498345287680?lang=en
In the last couple of years, my focus has now shifted to helping organizations design and implement their Product Security programs and automate Security in their CI/CD pipelines.
I enjoy working on projects that challenge my ability to think outside of the box, rapidly absorb and adopt new technical skills, and ultimately prepare myself for future challenges that await me.
مقالات Nitin Goplani
النشاط
-
When managing a career and a personal life/family you should never have to sacrifice one for the other. Thank you, Soundharya Nagasubramanian for…
When managing a career and a personal life/family you should never have to sacrifice one for the other. Thank you, Soundharya Nagasubramanian for…
تم إبداء الإعجاب من قبل Nitin Goplani OSCP, CREST CRT, CISSP, CBSP, CCNSE, CTMP
-
Exciting news! We are thrilled to announce that Abheesh Thaleppady has joined our team as the new Manager of Product Development. Please join us in…
Exciting news! We are thrilled to announce that Abheesh Thaleppady has joined our team as the new Manager of Product Development. Please join us in…
تم إبداء الإعجاب من قبل Nitin Goplani OSCP, CREST CRT, CISSP, CBSP, CCNSE, CTMP
التراخيص والشهادات
-
Certified Cloud-Native Security Expert (CCNSE)
Practical DevSecOps
تم الإصدار في معرف الشهادة CCNSE76C243B9 -
Certified Container Security Expert (CCSE)
Practical DevSecOps
تم الإصدار في معرف الشهادة CCSE76C243B9 -
Certified Threat Modeling Professional (CTMP)
Practical DevSecOps
تم الإصدار في معرف الشهادة CTMP76C243B9 -
Certified Information Systems Security Professional (CISSP)
(ISC)²
تم الإصدار في معرف الشهادة 825914 -
CREST Registered Penetration Tester
CREST - www.crest-approved.org
تم الإصدار في معرف الشهادة 18531537 -
Offensive Security Certified Professional (OSCP)
Offensive Security
تم الإصدار في معرف الشهادة OS-101-04942 -
Certified Blockchain Security Professional (CBSP)
Blockchain Training Alliance
تم الإصدار في تنتهي في معرف الشهادة 0x70470f6dd19c7745a324fc1acdc4326087e54b6c84056b62ecd5c6450fbeb30d -
المنشورات
التكريمات والمكافآت
-
HBO Hack the World 2017 Winner
HBO
-
1st Rank in Souq's Bug Bounty List in the World (2015, 2016 & 2017)
Souq
Reported 76 Security Issues.
-
Listed in 4Chan Hall of Fame
4chan
https://hackerone.com/4chan/thanks
-
Listed in ANCILE Hall of Fame
ANCILE
https://bugcrowd.com/ancile/hall-of-fame
-
Listed in AT&T Hall of Fame
AT&T
https://bugbounty.att.com/hof.php
-
Listed in Acquia Hall of Fame
Acquia
https://www.acquia.com/how-report-security-issue
-
Listed in Adobe Hall of Fame
Adobe
http://helpx.adobe.com/security/acknowledgements.html
-
Listed in Altervista Hall of Fame
Altervista
http://en.altervista.org/credits.php
-
Listed in Appcelerator Hall of Fame
Appceletrator
https://www.appcelerator.com/privacy/responsible-disclosure-of-security-vulnerabilities/
-
Listed in Apple Hall of Fame
Apple
http://support.apple.com/kb/HT1318
-
Listed in Aptible Hall of Fame
Aptible
https://bugcrowd.com/aptible/hall-of-fame
-
Listed in Attack-Secure Hall of Fame
Attack-Secure
http://attack-secure.com/whitehat/
-
Listed in Badoo Hall of Fame
Badoo
http://corp.badoo.com/security
-
Listed in Barracudalabs Hall of Fame (Multiple Times)
Barracuda
https://barracudalabs.com/research-resources/bug-bounty-program/bug-bounty-hall-of-fame-2/
-
Listed in Basecamp Hall of Fame
Basecamp
https://basecamp.com/security/response
-
Listed in Birst Hall of Fame
Birst
http://www.birst.com/security-reporting
-
Listed in Bitcasa Hall of Fame
Bitcasa
https://support.bitcasa.com/hc/en-us/articles/202210658-How-To-Responsibly-Report-Security-Concerns
-
Listed in BlackBerry Hall of Fame
BlackBerry
http://us.blackberry.com/business/enterprise-mobility/mobile-security/incident-response-team/collaborations.html
-
Listed in Card Hall of Fame
Card
https://bugcrowd.com/card/hall-of-fame
-
Listed in Cloudflare Hall of Fame
Cloudflare
https://hackerone.com/cloudflare/thanks
-
Listed in ConstantContact Hall of Fame
ConstantContact
http://www.constantcontact.com/legal/report-vulnerability
-
Listed in Datocapital Hall of Fame
Datocapital
https://en.datocapital.com/report-security-issue.html
-
Listed in DeskPRO Hall of Fame
DeskPRO
https://www.deskpro.com/security/
-
Listed in Erasmus University Rotterdam Hall of Fame
Erasmus University Rotterdam
http://www.eur.nl/english/erna/information/safe_online/hall_of_fame/
-
Listed in Etsy Hall of Fame (Multiple Times)
Etsy
https://www.etsy.com/help/article/2463
-
Listed in EventBrite Hall of Fame
EventBrite
https://www.eventbrite.com/walloffame/
-
Listed in Facebook Hall of Fame (Multiple Times)
Facebook
https://www.facebook.com/whitehat/thanks
-
Listed in FlowDock Hall of Fame
FlowDock
https://www.flowdock.com/thanks
-
Listed in FormAssembly Hall of Fame
FormAssembly
http://www.formassembly.com/blog/formassembly-vulnerability-and-security-reporting/
-
Listed in Foxycart Hall of Fame
Foxycart
http://www.foxycart.com/security-contact
-
Listed in Freelancer Hall of Fame
Freelancer
https://bugcrowd.com/freelancer/hall-of-fame
-
Listed in Gittip Hall of Fame
Gittip
https://gratipay.com/security.txt
-
Listed in Google Hall of Fame (Multiple Times)
Google
http://www.google.com/about/appsecurity/hall-of-fame/distinction/
-
Listed in Gratipay Hall of Fame
Gratipay
https://gratipay.com/about/security/hall-of-fame
-
Listed in Greenhouse Hall of Fame
Greenhouse
https://hackerone.com/greenhouse/thanks
-
Listed in InVision Hall of Fame
InVision
https://hackerone.com/invision/thanks
-
Listed in Internetwache Hall of Fame
Internetwache
https://en.internetwache.org/security/
-
Listed in Logentries Hall of Fame
Logentries
https://logentries.com/doc/security/
-
Listed in Mail.Ru Hall of Fame
Mail.Ru
https://hackerone.com/mailru/thanks
-
Listed in MailChimp Hall of Fame
MailChimp
http://mailchimp.com/about/security-response/
-
Listed in Myntra Hall of Fame
Myntra
http://www.myntra.com/security/whitehat
-
Listed in NSN Hall of Fame (Prime Reporter)
Nokia Siemens Networks
http://nsn.com/responsible-disclosure
-
Listed in Netflix Hall of Fame
Netflix
https://help.netflix.com/en/node/6657#gsc.tab=0
-
Listed in Nokia Hall of Fame
Nokia
http://company.nokia.com/en/acknowledgements
-
Listed in NolimitVPN Hall of Fame
NolimitVPN
https://bugcrowd.com/nolimitvpn/hall-of-fame
-
Listed in OkCupid Hall of Fame
OkCupid
https://hackerone.com/okcupid/thanks
-
Listed in OpenText Hall of Fame
OpenText
http://www.opentext.com/who-we-are/copyright-information/security-acknowledgements
-
Listed in Pantheon Hall of Fames
Pantheon
https://bugcrowd.com/pantheon/hall-of-fame
-
Listed in Paypal Hall of Fame (Multiple Times)
Paypal
https://www.paypal.com/webapps/mpp/security-tools/wall-of-fame-honorable-mention
-
Listed in PinoyHackNews Hall of Fame
PinoyHackNews
http://www.pinoyhacknews.com/security
-
Listed in Prezi Hall of Fame
Prezi
http://prezi.com/bugbounty/whitehats/
-
Listed in PupperLabs Hall of Fame
PuppetLabs
https://puppetlabs.com/security/acknowledgments
-
Listed in PureVPN Hall of Fame
PureVPN
https://bugcrowd.com/purevpn/hall-of-fame
-
Listed in ReddAPI Hall of Fame
ReddAPI
https://hackerone.com/reddapi/thanks
-
Listed in Ribose Hall of Fame
Ribose
https://www.ribose.com/security/hall_of_fame
-
Listed in Security Net Hall of Fame
Security Net
http://securitynet.org/security-researcher-acknoledgments/
-
Listed in Shaukk Hall of Fame
Shaukk
http://shaukk.com/developers.php
-
Listed in Simple Hall of Fame
Simple
https://bugcrowd.com/simple/hall-of-fame
-
Listed in SiteGround Hall of Fame
Siteground
https://www.siteground.com/term/92.htm
-
Listed in Skamster Hall of Fame
Skamster
http://www.skamster.com/footer/superheroes.php
-
Listed in Smart Budget Hall of Fame
Smart Budget
https://www.sbudget.com/people.pl
-
Listed in Socrata Hall of Fame
Socrata
https://bugcrowd.com/socrata/hall-of-fame
-
Listed in SplashID Hall of Fame
SplashID
https://bugcrowd.com/splashid/hall-of-fame
-
Listed in Sprout Social Hall of Fame
Sprout Social
https://bugcrowd.com/sproutsocial/hall-of-fame
-
Listed in StopTheHacker Hall of Fame
StopTheHacker
https://hackerone.com/stopthehacker/thanks
-
Listed in Tesla Hall of Fame
Tesla
https://www.teslamotors.com/about/legal#tesla-security-researcher-hall-of-fame
-
Listed in Twilio Hall of Fame
Twilio
https://www.twilio.com/docs/security/disclosure
-
Listed in Twitter Hall of Fame (Multiple Times)
Twitter
https://hackerone.com/twitter/thanks
-
Listed in Uber Hall of Fame
Uber
https://www.uber.com/security
-
Listed in Viadeo Hall of Fame
Viadeo
http://www.viadeo.com/aide/security/
-
Listed in Wamba Hall of Fame
Wamba
http://corp.wamba.com/en/developer/security/?fame
-
Listed in WePay Hall of Fame
WePay
https://hackerone.com/wepay/thanks
-
Listed in Yahoo Hall of Fame (Multiple Times)
Yahoo
https://hackerone.com/yahoo/thanks
-
Listed in Zendesk Hall of Fame
Zendesk
http://www.zendesk.com/company/responsible-disclosure-policy
-
Listed in oDesk Hall of Fame
oDesk
https://bugcrowd.com/odesk/hall-of-fame
-
Listed in ownCloud Hall of Fame
ownCloud
https://owncloud.org/security/hall-of-fame/
-
Listed on 5th Rank of BugCrowd's All Time Ninjas List - Oct 2014
BugCrowd
https://bugcrowd.com/leaderboard
-
Rewarded bby Qiwi Security Team
Qiwi
https://qiwi.ru/page/hack.action
-
Rewarded by Algolia Security Team
Algolia
-
Rewarded by Bitcoin.de
bitcoin.de
https://www.bitcoin.de/en/bug-bounty
-
Rewarded by Blackphone Security Team
Blackphone
https://bugcrowd.com/blackphone/hall-of-fame
-
Rewarded by BudgetSimple Security Team
BudgetSimple
https://www.budgetsimple.com/security
-
Rewarded by Cisco Meraki Security Team
Cisco Meraki
https://meraki.cisco.com/trust/#srp
-
Rewarded by Concur Security Team
Concur
-
Rewarded by Cylance Security Team
Cylance
-
Rewarded by Dropcam Security Team
Dropcam
-
Rewarded by Dropmyemail Security Team
Dropmyemail
https://www.dropmyemail.com/security
-
Rewarded by EMC2 Security Team
EMC2
http://www.emc.com/products/security/product-security-response-center.htm
-
Rewarded by Flexport Security Team
Flexport
-
Rewarded by Giftcards Security Team
Giftcards
http://www.giftcards.com/acknowledgements
-
Rewarded by Glassdoor Security Team
Glassdoor
-
Rewarded by Heroku Security Team
Heroku
-
Rewarded by IFIXIT Security Team
IFIXIT
https://www.ifixit.com/Info/Responsible_Disclosure
-
Rewarded by ImageOptim Security Team
ImageOptim
-
Rewarded by Indeed Security Team
Indeed
https://bugcrowd.com/indeed/hall-of-fame
-
Rewarded by Jet Security Team
Jet
https://bugcrowd.com/jet/hall-of-fame
-
Rewarded by Launchkey Security Team
Launchkey
https://launchkey.com/whitehat
-
Rewarded by LinkedIn Security Team
LinkedIn
http://help.linkedin.com/app/safety/answers/detail/a_id/37022
-
Rewarded by Magento Security Team
Magento
http://magento.com/security
-
Rewarded by Mapbox Security Team
Mapbox
https://hackerone.com/mapbox/thanks
-
Rewarded by MobileNation Security Team
MobileNation
-
Rewarded by Munzee Security Team
Munzee
https://hackerone.com/munzee/thanks
-
Rewarded by Mythemeshop Security Team
Mythemeshop
-
Rewarded by Netherlands Cyber Security Team
NCSC
https://www.ncsc.nl/english/current-topics/wall-of-fame.html
-
Rewarded by PagerDuty Security Team
PagerDuty
http://www.pagerduty.com/security/disclosure/
-
Rewarded by Privatbank Security Team
Privatbank
-
Rewarded by RelateIQ Security Team
RelateIQ
https://www.relateiq.com/security
-
Rewarded by Roamler Security Team
Roamler
-
Rewarded by Salesforce Security Team
Salesforce
-
Rewarded by Sbwire Security Team
Sbwire
https://help.releasewire.com//index.php?/Knowledgebase/Article/View/23/0/bug-bounty-program
-
Rewarded by Shoeboxed
Shoeboxed
https://www.shoeboxed.com/whitehat/
-
Rewarded by Silent Circle Security Team
Silent Circle
https://bugcrowd.com/silentcircle/hall-of-fame
-
Rewarded by Slack Security Team
Slack
https://hackerone.com/slack/thanks
-
Rewarded by Souq Security Team
Souq
https://hackerone.com/souq/thanks
-
Rewarded by Starbucks Security Team
Starbucks
-
Rewarded by Starleaf Security Team
Starleaf
-
Rewarded by Sunrise Calendar Security Team
Sunrise Calendar
https://bugcrowd.com/silentcircle/hall-of-fame
-
Rewarded by TNO Security Team
TNO
-
Rewarded by Tagged Security Team
Tagged
https://bugcrowd.com/tagged/hall-of-fame
-
Rewarded by TubeMogul Security Team
TubeMogul
http://www.tubemogul.com/compliance/privacy-policy/
-
Rewarded by Yandex Security Team
Yandex
-
Rewarded by Yelp Security Team
Yelp
https://hackerone.com/yelp/thanks
-
Rewarded by iWelcome Security Team
iWelcome
التوصيات المستلمة
9شخص قدموا توصية لـNitin Goplani
انضم الآن لعرضالمزيد من أنشطة Nitin Goplani
-
To all startup CTOs, if you don't have security team, you can use this checklist to improve security of your company. This covers domain/company…
To all startup CTOs, if you don't have security team, you can use this checklist to improve security of your company. This covers domain/company…
تم إبداء الإعجاب من قبل Nitin Goplani OSCP, CREST CRT, CISSP, CBSP, CCNSE, CTMP
-
Africa is on track to become a global digital powerhouse by building a secure, digital, resilient, and sustainable future for the continent, where OT…
Africa is on track to become a global digital powerhouse by building a secure, digital, resilient, and sustainable future for the continent, where OT…
تم إبداء الإعجاب من قبل Nitin Goplani OSCP, CREST CRT, CISSP, CBSP, CCNSE, CTMP
