Security is more than just my profession—it’s my passion and purpose. With a background in Computer Science, I have always been fascinated by the intersection of technology, security, and business innovation. I believe cybersecurity should not be an afterthought or a blocker but a strategic enabler that helps organizations move faster, innovate securely, and scale with confidence.

My work focuses on securing applications and products, integrating security seamlessly into development workflows, and leveraging AI-driven security solutions to stay ahead of evolving threats. I am particularly passionate about IoT security, where the convergence of physical and digital security presents unique challenges, and Deep Learning for Security, where AI can revolutionize threat detection, anomaly detection, and malware analysis. My expertise extends to cryptography, ensuring the integrity, confidentiality, and authenticity of critical data, as well as threat modeling, proactively identifying and mitigating risks in software design. I thrive on solving complex security problems, performing secure code reviews, designing secure architectures, and embedding security into CI/CD pipelines to make security an integral part of software engineering.

Beyond technical implementation, I have also been deeply involved in roadmap planning for security products, ensuring that teams align with business objectives from the early stages of development. I am passionate about mentoring and enabling teams to adopt a security-first mindset, fostering a culture where security is seen as an asset rather than a constraint. More than just finding vulnerabilities, I aim to build resilient, scalable, and attack-aware systems that don’t just meet compliance but enhance business value, efficiency, and trust. My goal is to contribute to a future where security-first design becomes the standard and plays a fundamental role in shaping the next generation of technology.

💡 "Security should be built-in, not bolted-on."

🚀Languages & Scripting 🐍 Python | 🖥️ Bash | 🎯 PowerShell | 📜 JavaScript | 🛠️ C++ | ⚙️ Go | ☕ Java 🔐 Security Tools 🔎 Burp Suite | 🛡️ Nessus | 🕵️ YARA, Snort | 📊 Semgrep, Bandit | 📡 Wireshark | 🎯 Metasploit, BloodHound 📡 Nmap | 🔍 Trivy, SonarQube | ⚡ Splunk, Wazuh | 🛑 CrowdStrike Falcon ⚙️DevSecOps & Automation 🐳 Docker | ☸️ Kubernetes | 🔄 GitHub Actions, Jenkins | 🏗️ Terraform, Ansible 🕵️‍♂️ SIEM & Threat Hunting 📈 Splunk | ⚡ Graylog, Wazuh | 🚨 CrowdStrike Falcon ☁️ Cloud & Infrastructure Security 🔐 AWS Security | ☁️ Azure Security | 🏗️ Terraform, Kubernetes Hardening 🤖 Machine Learning for Security 🔬 Deep Learning for Malware & Threat Detection 📊 AI for Log Analysis & Anomaly Detection 📜 Frameworks & Standards 📑 NIST, ISO 27001, OWASP, CIS Controls, FERC, CMCC 🌐 Network & Endpoint Security 🛡️ Firewalls, VPNs, IDS/IPS, Network Segmentation 🖥️ EDR, Patch Management, Antivirus ⚡ Incident Response & Compliance 🚨 SIEM, Threat Hunting, Digital Forensics 🏛️ GDPR, HIPAA, PCI-DSS Compliance & Auditing

✅ Certified Ethical Hacker(CEH) v11
✅ IBM Cybersecurity Analyst
✅ Deep Learning Specialization(Andrew Ng, Coursera) ✅ ISC2 CC (Certified in Cybersecurity) ✅ Full Stack Web Development(Udemy) ✅ AWS Certified Solutions Architect(In Progress) 🎯 OSCP (In Progress)

This Github Profile is still under Construction! Updates are on the way :)

• Developed a malware detection model leveraging behavioral analysis and self-attention-based transformer architectures for advanced threat identification.
• Utilized NLP techniques to enhance feature extraction from malicious code and system logs, reducing false positives by 15% and improving detection accuracy.

• Designed and developed a remote attestation framework for MCUs running audio sensing software, ensuring data integrity and security across 10,000+ devices in contested environments.
• Implemented a novel lightweight cryptographic algorithm with a centralized verifier, enhancing device trustworthiness while maintaining efficiency in resource-constrained systems.

• Designed and deployed a highly secure web application server, implementing OWASP Top 10 protections to mitigate SQL injection, XSS, CSRF, and authentication bypass attacks.
• Hardened server security with containerized deployment (Docker/Kubernetes), TLS encryption, WAF integration, and MFA authentication, ensuring enterprise-grade resilience against modern cyber threats.

• Led an AWS Enterprise Security Risk Assessment, conducting asset identification, threat modeling, and impact analysis for critical cloud services.
• Developed a risk matrix and remediation plan aligned with NIST 800-53 and CIS benchmarks, optimizing security investments with a multi-tier budget strategy, and improving cost efficiency by 30%.

• Advancements and architecture for secure Federated Learning framework for privacy-preserving EHR analysis, addressing key security challenges such as poisoning attacks, inference risks, and communication vulnerabilities.
• This project enhances secure healthcare data collaboration by enabling privacy-preserving machine learning, ensuring compliance with HIPAA and other privacy regulations, and advancing trust in AI-driven healthcare solutions.

• Developed an automated phishing susceptibility assessment tool to evaluate user vulnerability through simulated phishing campaigns on Multifactor Authentication applications such as DUO.
• Integrated real-time analytics and reporting to measure phishing resilience, track behavioral patterns, and provide targeted security awareness training.

• Engineered a full-scale enterprise security lab on ESXi 7, replicating real-world IT environments with Active Directory, DNS, mail server, and a custom Dockerized Python web app—built to withstand modern cyber threats.
• Led immersive Red Team vs. Blue Team exercises, conducting advanced vulnerability assessments, attack simulations, and defensive countermeasures, culminating in a detailed cybersecurity report with actionable insights for a hardened, production-ready deployment.

• IOT Seccurity: Collective Attestation for IoT Devices - Patented Framework.
• CISA sponsored Project: Published a white paper on "The underlying risks of implementing Multimedia in Next-Gen 911 systems" and presented it at the United States Capitol.
• Advanced Distributed Networking Research: Explored the Security and Privacy Challenges for Federated Learning in Electronic Health Care Records.
• Post Quantum Cryptography Research: Proposed an MVP for Implementing Post-Quantum Digital Signatures like Sphincs+ and Crystalls Dyllitheum on a resource-constrained Smart Card reader to enable secure transactions in a Post-Quantum Crypto Era.
• AWS Cybersecurity Report: Asset Identification, Threat Modelling, Risk Matrix, Impact Analysis, Devised a Cybersecurity Budget based on a low Budget, Medium, and Money-not-an-object Budget. Listed the different types of controls such as preventative, detective, forensic, audit, deterrent, and residual controls. And also suggested the top 10 most impactful security controls that cover the most significant risks given a tight security budget.

• Check out my latest Blog post on Embedded System Security.

I love these Open-Source projects and I hope to contribute to them in my free time.

• Nebula
• DeepExploit
• TensorFlow Privacy
• JAX
• Adversarial Robustness Toolbox (ART)

• OSQuery
• Trivy
• ZAP (OWASP)
• Tor Project
• Google's Tink
• Let’s Encrypt

• Semgrep – Lightweight static analysis for secure code reviews.
• GitLeaks – Detect hardcoded secrets in repos.
• HardenRunner – Secure GitHub Actions workflows.
• Kubernetes Security (kube-bench) – Checks Kubernetes security best practices.
• Cloud Custodian – Security & compliance automation for cloud environments.

• Sigma – SIEM rule detection (Used in enterprise threat intelligence).
• TheHive – Open-source Security Incident Response Platform (SIRP).
• YARA – Malware detection rules framework.
• Suricata – Intrusion detection/prevention system.
• Threat Dragon – Open-source threat modeling tool.

• OpenTitan

• Rochester Security Summit
• B-Sides Security Conference ROC
• Etisalat- Design Thinking Workshop

📩 Feel free to reach out for collaborations, security research, and open-source projects.

🔗 LinkedIn: linkedin.com/in/tanishqborse
🌐 Portfolio: camasecurity.com
📧 Email: [email protected]

💬 Let’s talk about security, automation, and AI in cybersecurity! 🚀

If you find my projects helpful, consider starring ⭐ my repositories!