Panel Discussion - Recon First Thinking: Winning Bounties Without Telling the Firewalls
Recon Village @ DEF CON 33 • 8th, 9th and 10th August 2025
Abstract
What if you could earn bounties without ever touching the app?
This panel explores how top hackers use Recon-First Thinking to silently uncover shadow assets, misconfigured SaaS, and forgotten APIs - all without triggering alerts or waking up firewalls.
Less noise. More signal. Bigger payouts.
Speakers
Penske Truck Leasing, Application Security Lead
I’m a cybersecurity professional with an M.S. in Cybersecurity and a deep interest in OSINT and recon methodologies. My work involves developing cloud-native, customer-facing applications that manage high-sensitivity PII and identity data. I lead efforts around secure authentication (OAuth2/OIDC), encrypted communications (TLS), and IAM unification across platforms. Given the attack surface of public-facing apps, recon and surface enumeration are part of my ongoing threat modeling and hardening strategy.
Synack Sr Security Analyst
After spending over 2 decades in the airline industry, I changed careers into cybersecurity. I have helped manage over 2400 engagements with teams of over 1000 researchers across all verticals in commercial and government. I regularly consult with executives in many Global 500 organizations and government to develop security and testing plans. I have helped develop products around OWASP, NIST, OSINT, API and AI testing. I speak regularly at conferences and help train developers and blue teams to help defend some of the most critical networks worldwide.
Bug Bounty Hunter @ Synack Red Team, Lead Pentester @ Cobalt, Founder @ BSides Ahmedabad
My name is Nikhil Srivastava AKA niksthehacker. I am a bug bounty hunter. I have helped over 200 companies, such as Google, Microsoft, Tesla, Mozilla, Salesforce, eBay, federal agencies, and more, to uncover 1000+ security vulnerabilities. I am the #6 Hacker in the World and #1 Hacker in India at Synack. I am the founder of Security BSides Ahmedabad, an international hacking conference hosted each year in Ahmedabad, India. I was awarded as the most trusted Hacker by Synack in 2019 at the RSA conference in the United States.
