SOC Analyst · Security Engineer · Vulnerability Researcher

Chaitanya Garware

I investigate, harden, and explain security risk across SOC detection, cloud security, and application security. My strongest signal is publicly verifiable vulnerability research: 7 published GitHub Security Advisories and 4 CVE-assigned findings.

7 published advisories 4 CVE-assigned findings 4.0 MS Cybersecurity GPA
View resume See research GitHub
0 Published advisories
0 CVE-assigned findings
0 MS Cybersecurity GPA
0 CTF points

Experience

Career journey with operational security depth.

Hands-on work across security education, healthcare security readiness, detection engineering, and infrastructure analysis.

Jan 2026 – May 2026 Graduate Teaching Assistant — Computer Networks, UAB
  • Led networking and security labs for 80+ students across TCP/IP, Linux, Wireshark, packet analysis, and troubleshooting.
  • Reinforced practical SOC foundations through network visibility, protocol behavior, and hands-on analysis.
NetworkingWiresharkLinuxTCP/IP
Sep 2025 – Dec 2025 Cybersecurity Specialist — MedLaunch Concepts
  • Built SIEM dashboards and alert workflows, supported remediation of critical vulnerabilities, and improved security visibility.
  • Mapped controls for ISO 27001, HITRUST, HIPAA, and SOC 2 readiness in a healthcare security context.
SIEMAWSVulnerability ManagementHIPAA
May 2023 – Jul 2023 Cybersecurity Intern — Palo Alto Networks AICTE
  • Deployed and tuned Snort/Suricata IDS rules and validated vulnerabilities using Kali Linux and Nmap.
  • Improved alert quality through packet analysis, traffic inspection, and security testing workflows.
SnortSuricataNmapKali Linux

Research

Published advisories, ranked by impact.

Publicly verifiable vulnerability research across SSRF, path traversal, authorization, and stored XSS classes.

01
High 8.8CVE-2026-54519

ai-agent-automation — missing ownership checks in memory APIs

Missing ownership checks allowed cross-user memory read and deletion.

 02
High 8.6CVE-2026-50131

Fedify — incomplete SSRF mitigation / special-use IPv4 bypass

Special-use IPv4 ranges could bypass SSRF validation controls.

 03
High 8.1CVE-2026-54520

ai-agent-automation — workflow step path traversal

Read/write access was possible outside the expected directory boundary.

 04
High 7.1CVE-2026-50181

Langroid — file tool path traversal outside configured directory

Caller-controlled paths could escape the configured working directory.

All published advisories

Full list ordered by severity and recruiter impact.

#AdvisoryProjectSeverityImpactCVE
1GHSA-qv97-83w4-ff86ai-agent-automationHigh 8.8Cross-user memory read/deletionCVE-2026-54519
2GHSA-xw9q-2mv6-9fr8fedifyHigh 8.6SSRF validation bypassCVE-2026-50131
3GHSA-cm8g-8jfq-887pai-agent-automationHigh 8.1Workflow path traversalCVE-2026-54520
4GHSA-fg23-3346-88f5langroidHigh 7.1File path traversalCVE-2026-50181
5GHSA-cvpc-hccg-wmw4formieModerate 6.3Unauthorized config modification
6GHSA-5p3m-vhh6-9236stigmemModerate 6.3Blind SSRF
7GHSA-cwv4-h3j5-w3cframaLow 3.7Stored XSS

Projects

Selected technical work.

A focused set of projects that support the same security narrative: detection, cloud hardening, automation, and research.

AI + SOC

OpenSOC-AI

LLM-assisted SOC research for log analysis, threat extraction, MITRE ATT&CK mapping, and structured analyst output.

PythonLLMSOCQLoRA
 Cloud

AWS Cloud Security Scanner

Security automation for IAM, S3, logging, and practical cloud hardening workflows.

AWSPythonCloud Security
 Research

Vulnerability Research Lab

Patch diffing, PoC reproduction, advisory evidence packs, and disclosure writing.

AppSecGHSAPoC
 Secure UX

Quantum Password Manager

Password security project exploring encryption, credential protection, and secure interface patterns.

CryptoSecurity UXWeb

Skills

Core competencies ecosystem.

Grouped by how the skills are used in real security work, not by arbitrary percentage bars.

SOC & Detection

Alert triageSIEMSplunkQRadarELKMITRE ATT&CKIncident response

Cloud & Infrastructure

AWSIAMS3CloudTrailGuardDutyLinuxNetworking

AppSec & Research

SSRFPath traversalAuthorization testingPoC writingPatch diffingGHSACVE

Automation & Tools

PythonBashPowerShellNmapWiresharkSnortSuricata

Contact

Let’s talk security.

Open to Cybersecurity Analyst, SOC Analyst, Security Engineer, Cloud Security, Vulnerability Management, and GRC-oriented roles.

Email me LinkedIn
Email copied to clipboard