Staff Research Engineering Technical Leader at cisco-sbg Splunk SigmaHQ magicsword-io
Hull, England, Germany
Join Prog.AI to see contacts
Join Prog.AI to see contacts
Summary
🤩
Rockstar
🎓
Top School
Top expert inCybersecurity Analytics and Threat Intelligence
Nasreddine Bencherchali is a Staff Research Engineering Technical Leader and Senior Threat Researcher with eight years of hands-on experience in detection, threat hunting, malware analysis, incident response and Windows internals. He combines research-led detection engineering with practical offensive and DFIR experience, having authored SIGMA rules, YARA signatures (including detections for Follina CVE-2022-30190) and contributions to the flagship Sigma rule repository. Based between Hull and Germany, he now works at Cisco after a stint at Splunk and maintains core responsibilities at SigmaHQ, bridging open-source rule validation and enterprise detection pipelines. Known for obsessive attention to Windows behavior and regex-driven rule hardening, he also blogs about infosec and runs practical projects like MAL-CL that surface evasive command-line techniques.
8 years of coding experience
7 years of employment as a software developer
Master's degree Information Systems Security, Master's degree Information Systems Security at Saad Dahlab University - Blida, Algeria
Baccalaureate Science, Baccalaureate Science at Mouloud Kacem Naït Belkacem High School
Contributions:1518 reviews, 1092 commits, 1124 PRs in 1 year 3 months
Contributions summary:Nasreddine's commits primarily focus on enhancing and refining the testing framework for security rules within the Sigma repository. They made significant contributions to the test suite, including improvements to regex patterns for MITRE ATT&CK tags, adding tests for duplicate filters, and correcting common field name typos. The user also added tests to improve the robustness of the rule validation process.
YARA signature and IOC database for my scanners and tools
Role in this project:
Security Engineer
Contributions:7 reviews, 8 commits, 4 PRs in 6 months
Contributions summary:Nasreddine's contributions primarily involve updating YARA rules within the `signature-base` repository. They added and modified rules designed to detect exploit attempts related to CVE-2022-30190 (Follina) and CVE-2022-46169, specifically focusing on identifying malicious patterns in files and network traffic. The user also addressed a broken extension, indicating a focus on maintaining and improving existing detection capabilities.
scanneryarahashdfirioc
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Nasreddine Bencherchali - Staff Research Engineering Technical Leader at cisco-sbg Splunk SigmaHQ magicsword-io