Bhavin Patel is a Sr. Threat Research Engineer with seven years of hands-on experience blending incident response, threat research, and security software engineering at Splunk and NBCUniversal. He builds open-source detection tooling and detection content, contributes to high-profile projects like Atomic Red Team and Splunk Security Content, and focuses on cloud-native threats and analytics-driven detections. Skilled in network forensics, SIEM, malware investigations, and secure development, he translates noisy telemetry into actionable detections using Python and Splunk SPL. Known for meticulous analysis and practical countermeasures, he pairs deep investigative experience with contributions that enable reproducible, platform-agnostic testing (e.g., kubectl and AWS atomics). Based in San Francisco, he holds an MS in Information Assurance and enjoys the detective work of finding signals others miss.
7 years of coding experience
5 years of employment as a software developer
Master's degree, Information Assurance, Master's degree, Information Assurance at Northeastern University
Bachelor of Engineering (BEng), Computer Engineering, First class, Bachelor of Engineering (BEng), Computer Engineering, First class at University of Mumbai
Contributions:36 releases, 971 reviews, 2723 commits in 3 years 11 months
Contributions summary:Bhavin's commits primarily focus on bug fixes and improvements to the `validate.py` and `generate.py` files, which are likely involved in the security content generation process. The changes involve adjustments to risk calculations and template rendering in the context of a cybersecurity repository. These changes also include updates to a file related to template rendering for saved searches, suggesting a focus on backend logic and content generation within a security context.
Small and highly portable detection tests based on MITRE's ATT&CK.
Role in this project:
Back-end Developer & DevOps Engineer
Contributions:153 reviews, 107 commits, 131 PRs in 1 year 7 months
Contributions summary:Bhavin contributed to the project by adding and modifying code related to shell scripts and configuration files, including integrating a kubectl executor for atomic tests. They also implemented changes to support AWS cloud atomics, including adding new platform names and updating relevant files. The user's work also involved merging branches and modifying ruby and shell scripts used in the testing framework.
mitremitre-attackportable
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.