Avery Tarasov
Details
Information Systems and Technology Management - Specialization in Information Assurance and Security
Capella University
2013 - 2015
Bachelor’s Degree
Information Technology
Capella University
2010 - 2013
A.A.S.
Information Technology
Mercer County Community College
2005 - 2008
Princeton Day School
Wafra
Vice President, Cybersecurity
Created ArcticMyst Security, an EDR / threat hunting tool for Windows written in C++, which is available in the Microsoft Store and on MajorGeeks.com and SoftPedia.com.
ArcticMyst Security is a free open source endpoint detection and response (EDR) tool with an option for additional fee-based threat hunting & monitoring. Elevated permissions are required to install this software. The app monitors process events, registry startup changes, registry pending delete operations, and crashing processes; it also blocks rundll32.exe from using Winsock or calling WSAStartup (disabled by default) and blocks Excel from loading .XLL files. Users can enable or disable the blocking options. Systray balloons promptly alert the user when registry startup entries change, processes crash, rundll32 calls Winsock/WSAStartup, and when Excel loads XLL files. All events are transmitted to our server for threat hunt analysis.
Website: https://deeptide.com
Crashboard: https://deeptide.com/crashboard
Microsoft Store: https://apps.microsoft.com/store/detail/arcticmyst/XPDNDSJL64HJPB
2015 -
DeepTide, LLC
Founder / Owner
• Engineered system design for the largest Internet laser discussion forum with over 43,000 members and 1.2 million posts.
2006 -
Laser Pointer Forum, LLC
Founder / Owner
Information security program design and implementation as the first hire for the information security team. Develop security policies and procedures, provide security awareness training, manage vendor security, and provide SOC leadership. Additionally, lead incident response function and technical malware detection capabilities via custom software and rules.
• Lead development of an entirely new information security program including creation of policies and procedures, team functional tasks, SOC deployment, incident handling, security awareness training, and vendor security. Managed staff.
• Blocked over 300 malware/ransomware infections with custom authored Windows C++ security software (PowerShell attack blocking, Zoom backdoor/keylogger detection).
• Authored over 30 Palo Alto IPS rules which blocked 200+ malware C2 data leakages.
• Prevented the data leakage of 400+ SSNs through custom tools and IPS rules.
• Lead all forensic investigations and e-Discovery for Legal and KIND business units.
• Automate manual tasks with PowerShell, C/C++, and Kaseya Scripts.
• Designed cyber security metrics Web application for executives written in Perl to show trending threats and monitor other key security Indicators of Compromise.
• Lead all vulnerability scanning and DLP efforts.
2020 - 2022
KIND
Senior Manager, Security Engineering & Threat Operations
2015 - 2020
KIND
Manager, Security Engineering
About
Talented and motivated cyber security professional, senior management level, with a consistent track record of superior performance.
• 18 years of IT experience: 14 in cyber security, with the past 8 years in a cyber security management role.
• Expert in both technical and non-technical aspects of cyber security – built Information Security programs and Security Operation Centers (SOCs) from the ground up.
• Experienced team leader and project champion.
Created ArcticMyst Security, a threat hunting tool for Windows written in C++, which is available in the Microsoft Store and on MajorGeeks.com and SoftPedia.com.
ArcticMyst Security is a free endpoint detection and response (EDR) tool with an option for additional fee-based threat hunting & monitoring. Elevated permissions are required to install this software. The app monitors process events, registry startup changes, registry pending delete operations, and crashing processes; it also blocks rundll32.exe from using Winsock or calling WSAStartup (disabled by default) and blocks Excel from loading .XLL files. Users can enable or disable the blocking options. Systray balloons promptly alert the user when registry startup entries change, processes crash, rundll32 calls Winsock/WSAStartup, and when Excel loads XLL files. All events are transmitted to our server for threat hunt analysis.
Website: https://deeptide.com
Crashboard: https://deeptide.com/crashboard
Microsoft Store: https://apps.microsoft.com/store/detail/arcticmyst/XPDNDSJL64HJPB
Top contributor in the world of open source Snort malware detection rules between 2012-2015 with 369 rules accepted to the Snort community rule set.