Andriy Brukhovetskyy is a Principal Researcher with 12 years of experience in malware analysis, threat intelligence and security engineering, currently based in Amsterdam and working at Google. He has a strong track record at Mandiant/FireEye and in advanced cybersecurity services, combining hands-on engineering with research-driven defenses. Andriy is an active open-source contributor to well-known projects like Cuckoo Sandbox, Cowrie honeypot and Volatility — often adding integrations (MISP, Cuckoo, MalShare), hardening detection signatures, and improving forensic tooling for real-world investigations. He blends back-end and DevOps skills to make malware analysis pipelines more robust and automatable, and has a knack for refactoring complex plugins into reusable components. His background in ISO 27001-level security management and hands-on feed/plugin development gives him both policy-level perspective and deep technical fluency.
12 years of coding experience
8 years of employment as a software developer
Master SGSI (ISO 27001), NSA, PSA, ISP, Master SGSI (ISO 27001), NSA, PSA, ISP at S21sec University
Administration of computer information systems, Administration of computer information systems at Instituto Cuatrovientos
Cuckoo Sandbox is an automated dynamic malware analysis system
Role in this project:
Security Engineer & DevOps Engineer
Contributions:58 commits, 68 PRs, 2446 comments in 3 years 5 months
Contributions summary:Andriy contributed to the integration of MISP (Malware Information Sharing Platform) to the Cuckoo Sandbox for enhanced malware analysis and threat intelligence. They implemented a MISP integration module, developed web interface components, and added configuration options for whitelisting and filtering IOCs. The user also improved the system's robustness with error handling and incorporated integration with InetSIM and Tor for network analysis and anonymization, showcasing skills in both security and infrastructure.
Contributions:86 commits, 82 PRs, 189 comments in 1 year
Contributions summary:Andriy focused on improving the YETI platform, implementing standalone testing capabilities for analytics modules. They also contributed to the documentation, adding information on extending the web API and testing feeds. Furthermore, the user added new feed plugins for threat intelligence gathering and made improvements to the domain reconnaissance functionality, which involved updating related scripts.
everydaydfirenrichmentmitre-attackinfosec
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Andriy Brukhovetskyy - Principal Researcher at Google