About Me
Who am I?
I am a passionate Senior Security Specialist based in Australia with over 14 years of hands-on experience in information security and risk management. My journey in cybersecurity has taken me through impactful roles at industry-leading organisations including Microsoft, RiskIQ, Cyware, KPMG, Ernst & Young, and most recently, UniSuper.
Throughout my career, I have delivered comprehensive security consulting services across the APJ region, covering a wide range of areas such as infrastructure (both internal and external), application and API penetration testing, wireless security assessments, social engineering, red teaming, thick/thin client testing, and cloud architecture security reviews. My work has spanned numerous industries allowing me to adapt and thrive in diverse environments.
During my university years, I was actively involved with the RMIT Information Security Collective (RISC) and worked as a developer at Biarri Networks. At Biarri, I contributed to firewall security developing a visualisation algorithm to simplify the complex challenge of firewall rule management.
Outside of professional engagements, I actively participate in bug bounty programs and have received recognition for responsible disclosure from prominent companies such as WSO2, Netskope, Adobe, Apple, Google Chromium, IBM, C2FO, Blinksale, Appfog, TEDmed, among others. I also enjoy building open-source security tools and maintain several projects on GitHub.
I’m certified in Offensive Security (OSCP) and hold the SANS GPEN for network penetration testing. What I love most about working in cybersecurity is the constant evolution — every engagement is different and each challenge presents an opportunity to learn, innovate, and grow. Whether it’s penetration testing, security automation or developing integration strategies, I feel fortunate to be part of a field that keeps me intellectually engaged every day.
What will I find on this blog?
You’ll find plenty of reference guides and material on various topics in the field of cyber security. I am in general attracted to almost anything in the field of cyber security but I’ll mainly cover following topics:
- DevSecOps
- Application Security
- Internal Infrastructure Penetration Testing
- Web Application Penetration Testing
- Mobile Application (iOS, Android) Penetration Testing
- External Infrastructure Penetration Testing
- Red Team Engagements
- Hardware Hacking
- Social Engineering Engagements
- Thick & Thing Client Testing
- OSINT (Open Source Intelligence Gathering)
- Threat Hunting & Threat Intelligence related methods
- Security Automation
- OpenSource tooling
- DFIR
How do I contact you?
I am active on number of social media platforms , however, you can connect via LinkedIn and Twitter:
Please feel free to visit my LinkedIn Profile : https://www.linkedin.com/in/viralmaniar/
Tweet me here: https://x.com/ManiarViral
Disclaimer
All thoughts and opinions expressed are solely my own and do not express the views or opinions of my employer.