Ryan Miller

Collaborated with the CISO to construct a white paper analyzing the causes and impacts of recent healthcare data breaches and strategies to secure Knowtion Health. Researched Knowtion Health’s current security posture and compliance with HITRUST, HIPPA, and SOC 2.

Performed Prompt injection against vulnerable AI models and created a custom AI Vishing model to impersonate an employee. Exploited exposed databases, web applications, Active Directory configurations, and default service credentials. Created a detailed report detailing findings, business impact, and compliance violations for executives and presented findings to C-suite audience.

Check out our final report HERE.

Identified and exploited misconfigurations in Active Directory, Linux, and AWS environments, with a focus in Web Application and AI Exploitation. Performed web exploits including blind SQL injection, prompt injection photos, and PII exposure through IDOR. Compiled formal written reports detailing our findings, business impact, compliance violations, and remediation and presented findings to C-suite audience.

Check out our final report HERE.

Organized multiple practice sessions every week, developed a team game plan, voted MVP and Most Improved. Set up a DNS server using bind9 with forward and reverse zones for custom internal and external IPv4 addresses. Hardened linux server by implementing egress firewall, changing passwords, and threat hunting existing backdoors.

Developed and implemented hardening techniques to mitigate red-team attacks on business-critical infrastructure. Responded to business requests including system inventory reports, incident reports, and user access management. Managed Databases and Websites across multiple Linux and Windows machines on a connected network.