madhuakula.com
Open in
urlscan Pro
76.76.21.123
Public Scan
Submitted URL: http://madhuakula.com/
Effective URL: https://madhuakula.com/
Submission: On June 21 via api from US — Scanned from DE
Effective URL: https://madhuakula.com/
Submission: On June 21 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
Name: contact — POST https://formspree.io/f/madhu.akula@hotmail.com
<form name="contact" method="post" action="https://formspree.io/f/madhu.akula@hotmail.com" data-netlify-recaptcha="true">
<div class="form-group form-inline"><label class="sr-only" for="inputName">Name</label>
<input type="text" name="name" class="form-control w-100" id="inputName" placeholder="Name" required="">
</div>
<div class="form-group form-inline"><label class="sr-only" for="inputEmail">Email</label>
<input type="email" name="email" class="form-control w-100" id="inputEmail" placeholder="Email" required="">
</div>
<div class="form-group"><label class="sr-only" for="inputMessage">Message</label>
<textarea name="message" class="form-control" id="inputMessage" rows="5" placeholder="Message" required=""></textarea>
</div><button type="submit" class="btn btn-outline-primary px-3 py-2">Send</button>
</form>Text Content
SEARCH
Madhu Akula
Madhu Akula
* Home
* Experience
* Publications
* Talks
* Projects
* Content
* Blog
* Contact
*
* Light Dark Automatic
MADHU AKULA
NEVER ENDING LEARNER!
PRAGMATIC SECURITY LEADER
*
*
*
*
*
*
*
Register for my upcoming Black Hat USA Trainings 2023 trainings A Practical
Approach to Breaking & Pwning Kubernetes Clusters before it gets sold out.
Madhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an
intentionally vulnerable by design Kubernetes Cluster to learn and practice
Kubernetes Security. Also published author and cloud native security architect
with an extensive experience. Also he is an active member of the international
security, devops and cloud native communities (null, DevSecOps, AllDayDevOps,
AWS, CNCF, USENIX, OWASP, etc). Holds industry certifications like OSCP
(Offensive Security Certified Professional), CKA (Certified Kubernetes
Administrator), CKS (Certified Kubernetes Security Specialist), etc.
Madhu frequently speaks and runs training sessions at security events and
conferences around the world including DEFCON (24, 26, 27, 28, 29, 30), BlackHat
(2018, 19, 21, 22 & 23), USENIX LISA (2018, 19 & 21), SANS Cloud Security Summit
2021 & 2022, O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018,
19 & 22), All Day DevOps (2016, 17, 18, 19, 20, 21 & 22), DevSecCon (London,
Singapore, Boston), DevOpsDays India, c0c0n(2017, 18 & 20), Nullcon (2018, 19,
21 & 22), SACON, Serverless Summit, null and multiple others.
His research has identified vulnerabilities in over 200+ companies and
organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress,
NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and
rewards. He is co-author of Security Automation with Ansible2 (ISBN-13:
978-1788394512), which is listed as a technical resource by Red Hat Ansible. He
is the technical reviewer for Learn Kubernetes Security, Practical Ansible2
books by Packt Pub. Also won 1st prize for building Infrastructure Security
Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.
Interests
* Engineering Leadership
* Cloud Native Security
* Cloud & Container Security
* DevOps & DevSecOps
* Building & Breaking stuff
Education
* Information Technology
ANITS, Andhra University
* Electronics & Communications Engineering
SVKP Polytechnic College
EXPERIENCE
Founder
Madhu Akula
Feb 2022 – Present Amsterdam, Netherlands
https://madhuakula.com
Product Security
Miro
Oct 2020 – Jun 2022 Amsterdam, Netherlands
Leading & building the product security engineering for a hyper-growth online
collaborative whiteboard platform. Things happened at Miro since I joined 😊
* 📈 8M users, and now we have 35M+
* 🎉 Built and managed Cloud Native Security, Security Ambassadors teams
* 💵 $76M Series B Funding to $476M Series C with $17.5B valuation
* ❤️ Miro culture champion, helped to drive community, talent, tech branding
* 🎯 99% of Fortune 500 are customers
* 🎙 Did more than 80+ interviews at various levels across the organization
* 🧑🏫 Shared my knowledge and research across multiple international
conferences and communities
* 👏 Headcount 500 to more than 1500
* 🙌 Witnessed billions of requests scale and amazing culture
* 🌍 5 hubs to 12 hubs around the globe
* 🥳 New Logos, Customers, Integrations, Partnerships, etc.
Advisor
Stealth Startup
Sep 2020 – Oct 2021 Online
Research & Innovation, Technology Roadmap, Building awesome teams, culture &
company
Cloud Native Security
Xebia
Feb 2020 – Sep 2020 Amsterdam, Netherlands
Worked with wide variety of teams, clients and community to learn and share
pragmatic security knowledge
* Security Architecture, Engineering & Consulting
* Cloud, Containers and Kubernetes security
* Learning and sharing with the community
Security
Appsecco
May 2016 – Jan 2020 Bangalore, India
Joined as a 2nd member of the company. Read More
Appsecco is a specialist application security company that ‘gets’ web security
and can advise you on the best route for your business.
We provide simple solutions to problems and don’t confuse our clients with
technicalities.
Every team member shares a passion for providing the best possible security
solutions that meet the commercial needs and challenges of the clients and
organisations we work for.
No matter where they are based they bring the same strategic and pragmatic
thinking to ensure that security, operations and commercial goals are aligned to
bring you the best possible results.
Security Engineer II
Walmart
Oct 2014 – May 2016 Bangalore, India
Joined as a 1st member in the Fortune 1 Network Security team in India and
worked collaboratively with the USA team and other teams around the globe.
1. Responsible for the global network security for Walmart eCommerce.
2. Part of Incident Response team. Worked on Palo Alto, ASA, FWSM firewalls.
3. Responsible for assessment of automation tools, latest trends to enhance the
current security testing practices,update and enhance the standards used in
organisation.
4. Followed Agile-Scrum methodologies for deployment and development
activities.
5. Built an in house automation Attack Monitoring & Proactive Analytics
solution for Walmart using ELK stack.
6. Acknowledged by CISO, VP for my contribution in improving organisation’s
security posture by providing Critical Vulnerabilities in applications and
also for internal training among engineering teams in InfoSec.
7. Won best organizational level awards including AOM (Associate Of the Month),
Spot Award in entire InfoSec wing
Security Consultant
Payatu
Oct 2013 – Oct 2014 Dharamshala, India
1. Done Pen testing on complete Network as well as all Internal Web
Applications
2. Installed & Configured Active Directory, Domain controller services and
applied Group Policy Management
3. Installed & Configured Layer 2 & 3 switches and Routers
4. Installed & Configured Open Source Monitoring Servers, Inventory and
Ticketing Systems
5. Installed & Configured FTP, BACKUP and WEB Servers
6. Did hardening for Windows, LINUX servers & Networks
7. Configured SIEM Server for Centralized logging and installed Security Onion
for Network Packet Capture and analysis
8. Trained staff for configuration and maintenance of servers and systems
9. Researched on Real time Scenarios, Architectures and Tools
10. Worked with various International clients and completed the project
successfully
Internship
Saviour Info Sol Pvt.Ltd
May 2012 – Jun 2012 Hyderabad, India
Created a server with all security tools to monitor and analyze the network.
Information security researcher & Technical trainer - Part Time
SourceNXT
Jan 2012 – Sep 2013 Hyderabad, India
1. Trained more than 3000 people in the field of Information security, Ethical
Hacking and Cyber Security by various workshops and talks.
2. Done research on latest online potential threats and security tools and
frameworks.
3. Prepared course content for Networking & Security Modules.
Corporate trainer - Part Time
Technosoft Solutions
Jan 2012 – Apr 2013 Visakhapatnam, India
1. Trained INDIAN NAVY for 10 days Hands on Ethical Hacking & Information
Security Boot Camp
2. Worked with various clients and done corporate training on Network Security
& Forensics
3. Done Penetration Testing for Web Applications
4. Done Hardening Networks and Servers for small organizations
VOLUNTEERING
Snyk Ambassador
Snyk
Jul 2022 – Present Online
Snyk Ambassadors are just as passionate about security as Snyk is — and they
share their interest, expertise, and excitement within their communities to help
other developers and engineers build secure software. -
https://snyk.io/snyk-ambassadors
Community Builder
Amazon Web Services (AWS)
May 2021 – Present Online
The AWS Community Builders program offers technical resources, mentorship, and
networking opportunities to AWS enthusiasts and emerging thought leaders who are
passionate about sharing knowledge and connecting with the technical community.
Mentor - Cloud Security
null - The Open Security Community
Jan 2021 – Present Online
Mentoring for the Cloud Security Study Group
Program Committee
USENIX LISA
Jan 2021 – Dec 2021 Online
USENIX LISA is the premier conference for operations professionals, where
sysadmins, systems engineers, IT operations professionals, SRE practitioners,
developers, IT managers, and academic researchers share real-world knowledge
about designing, building, securing, and maintaining the critical systems of our
interconnected world.
Mentor
Nullcon
Apr 2020 – Present Online
Resume & Career Clinic has been a great initiative at Nullcon, for the
Candidates looking to progress their career in Information Security
Crew Member
Cloud Village - DEF CON
Jun 2019 – Present Las Vegas, USA
Part of DEF CON villages in Las Vegas. An open space to meet folks interested in
offensive and defensive aspects of cloud security. I was leading in creating and
running the CTF for the conference.
Speakers Bureau Member
CNCF
Nov 2018 – Nov 2021 World Wide
The CNCF Speakers Bureau helps connect event organizers with speakers who have
varied expertise in the cloud native ecosystem. Speakers consist of CNCF
ambassadors, meetup organizers, and prominent community members who are willing
to speak at events on the topics they are proficient in.
Moderator - DevSecOps track
All Day DevOps
Jan 2016 – Present Online
All Day DevOps is a FREE online community responsible for creating the world’s
largest DevOps conference. - https://www.alldaydevops.com
Contributor
DevSecOps
Jan 2016 – Present Online
Security is everyone’s responsibility - http://www.devsecops.org
Chapter Lead
null - The Open Security Community
Mar 2014 – Oct 2014 Dharamshala, India
Kick started null Dharamshala Chapter monthly meetups and other types of
meetings like null Humla and Puliya. Responsibilities include organizing monthly
events, arranging venues, inviting speakers, etc.
Contributor
Code Vigilant
Jan 2014 – Aug 2015 Online
Code Vigilant project is created out of the need to have a more secure open
source software. It is a known fact that a large number of users use opensource
software but a very few of them contribute back in terms of identifying and
making these opensource software a more secure piece of software.
This project is initiated with an aim of finding flaws in open source software
and making sure that we reach one of the following conclusion.
1. Get the vulnerability fixed and Patch issued.
2. If author is not reachable then make sure the public information is
available and spread the details that issues exist with opensource software
and discourage its usage.
Crew Member
Nullcon
Oct 2013 – Oct 2014 India
https://nullcon.net
ACCOMPLISHMENTS
Certified Kubernetes Security Specialist (CKS)
Cloud Native Computing Foundation Jul 2022
Certified Kubernetes Administrator (CKA)
Cloud Native Computing Foundation May 2019
Offensive Security Certified Professional (OSCP)
Offensive Security Dec 2016
AWS Security Fundamentals
Amazon Web Services (AWS) Nov 2016
Skybox Technical Security Professional
Skybox Security Feb 2016
Winner: InMobi Hack Day Summer 2015
InMobi May 2015
PAN ACE 6.1
Palo Alto Networks Feb 2015
PUBLICATIONS
Madhu Akula
Saturday, 01 Jul 2017
Security Vulnerabilities Acknowledgements
Details of my security vulnerabilities acknowledgements.
Madhu Akula
Saturday, 01 Jul 2017
Security Vulnerabilities Advisories
Details of my security advisories.
RECENT & UPCOMING: TALKS & TRAININGS
Amsterdam Secure Software Development Meetup + Cloud Security Meetup Amsterdam
Jan 2023 - Practical Guide to Kubernetes Security for Developers 🚀
Kubernetes become the defacto for deploying and managing applications from
startups to enterprises. This means most developers start …
Monday, 09 Jan 2023 00:00 UTC Amsterdam, Netherlands
Black Hat Asia 2023 - A Practical Approach To Breaking & Pwning Kubernetes
Clusters
The adoption of Kubernetes use in production has increased to 83% from a survey
by CNCF. Still, most of the security teams struggle to …
Monday, 09 Jan 2023 00:00 UTC Singapore
DEF CON Trainings Bellevue, WA 2023 - A Practical Approach to Breaking & Pwning
Kubernetes Clusters
The adoption of Kubernetes use in production has increased to 83% from a survey
by CNCF. Still, most security teams struggle to …
Monday, 09 Jan 2023 00:00 UTC Bellevue, WA, USA
NorthSec 2023 - Practical Approach to Breaking & Pwning Kubernetes Clusters
Containers and Kubernetes are everywhere. The adoption of Kubernetes use in
production has increased to 83% from a survey by CNCF. …
Monday, 09 Jan 2023 00:00 UTC Canada
A Practical Approach To Breaking & Pwning Kubernetes Clusters
The adoption of Kubernetes use in production has increased to 83% from a survey
by CNCF. Still, most security teams struggle to …
Monday, 05 Dec 2022 00:00 UTC London, UK
See all events
PROJECTS
*
All Security DevOps
CLOUD NATIVE SECURITY PLAYGROUND
Cloud Native Security Playground. Coming soon!
KUBERNETES GOAT
The Kubernetes Goat designed to be intentionally vulnerable cluster environment
to learn and practice Kubernetes security.
HACKER CONTAINER
Container with all the list of useful tools/commands while hacking Kubernetes
Clusters
DOCKER-SECURITY-CHECKER
Dockerfile Security Checker using OPA Rego policies with Conftest
TOOLS.TLDR.RUN
Curated list of security tools for Hackers & Builders! https://tools.tldr.run
ATTACKING AND AUDITING DOCKER CONTAINERS AND KUBERNETES CLUSTERS
Training course content on Attacking and Auditing Dockers Containers and
Kubernetes Clusters
BREAKING AND PWNING APPS AND SERVERS ON AWS AND AZURE - FREE TRAINING COURSEWARE
AND LABS
Course content, lab setup instructions and documentation of our very popular
Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
OSINT-VIZ-PLATFORM-RECONVILLAGE
Building visualisation platforms for OSINT data using open source solutions
ATTACKING & AUDITING DOCKER CONTAINERS USING OPEN SOURCE - DEF CON 26
This repository contains all the presentation, documentation and the virtual
machine links for hands-on.
HACKED EMAILS
Command line utility for hacked-emails
INTRODUCTION TO CONTAINERS
An Introduction to Containers using Docker and using it for Security Automation
- null Bangalore Puliya
RANETO-DOCKER
Docker container for Markdown based Raneto Knowledgebase
AUTOMATED INFRASTRUCTURE SECURITY MONITORING & DEFENCE
null Bangalore Public Bachaav 10 December 2016 Automated Infrastructure Security
Monitoring & Defence
DEFCON24 - NINJA LEVEL INFRASTRUCTURE MONITORING WORKSHOP
This repository contains all the presentation, documentation and the
configuration, sample logs, ansible playbook, customized dashboards and more for
Defcon24 Workshop Contents : Ninja Level Infrastructure Monitoring.
VULNERABLE APPS
Proof of concept applications which you can deploy using vagrant and ansible
AWESOME DEVSECOPS
Training course content on Attacking and Auditing Dockers Containers and
Kubernetes Clusters
CODE VIGILANT
Code Vigilant project is created out of the need to have a more secure open
source software.
DOCKER DATA SCIENCE TOOLBOX
Data Science Command Line Toolbox in a docker container
DOCKER-DATASPLOIT
Docker container for datasploit framework
MARKDOWN AUTOMATION
Automating Documentation, Presentation, Knowledge base using Markdown (Zero to
Hero)
SECURITY AUTOMATION WITH ANSIBLE2
This repository contains all the code, playbooks, details regarding the book on
Security Automation with Ansible2.
WINDOWS CLI GEMS
wincmdfu project is for windows one line commands that make life easier,
shortcuts and command line fu. This is combination of all tweets from @wincmdfu
CONTACT
Name
Email
Message
Send
© Madhu Akula
Published with Wowchemy — the free, open source website builder that empowers
creators.
CITE
×
Copy Download