PSY9 Security

📂 𝗣𝗦𝗬𝟵𝗖𝗮𝘀𝗲𝗳𝗶𝗹𝗲𝘀 𝗩𝗼𝗹. 𝟬𝟮 — 𝗧𝗵𝗲 𝗣𝗵𝗮𝗻𝘁𝗼𝗺 𝗔𝗣𝗜 🚨 “𝗔𝗹𝗹 𝗦𝗲𝗰𝘂𝗿𝗲.” That’s what the dashboards said. But /v0/ 𝗵𝗮𝗱 𝗼𝘁𝗵𝗲𝗿 𝗽𝗹𝗮𝗻𝘀. This isn’t about zero-days. It’s about 𝗺𝗶𝘀𝗽𝗹𝗮𝗰𝗲𝗱 𝘁𝗿𝘂𝘀𝘁 in green dashboards, 𝗽𝘂𝗯𝗹𝗶𝗰 𝗦𝘄𝗮𝗴𝗴𝗲𝗿 𝗳𝗶𝗹𝗲𝘀, and one 𝗳𝗼𝗿𝗴𝗼𝘁𝘁𝗲𝗻 𝘁𝗼𝗸𝗲𝗻 that could’ve cost ₹𝟵𝟱 𝗖𝗿. 🔍 𝗪𝗵𝗮𝘁’𝘀 𝗶𝗻𝘀𝗶𝗱𝗲 𝘁𝗵𝗲 𝗰𝗮𝘀𝗲𝗳𝗶𝗹𝗲: – A legacy API – Hardcoded secrets – Misconfigured logging All silently working against the client, until we looked. 👇 𝗦𝘄𝗶𝗽𝗲 𝘁𝗵𝗿𝗼𝘂𝗴𝗵 𝘁𝗵𝗲 𝘀𝗹𝗶𝗱𝗲𝘀. Then ask yourself: 𝗪𝗵𝗮𝘁’𝘀 𝘀𝘁𝗶𝗹𝗹 𝗿𝘂𝗻𝗻𝗶𝗻𝗴 𝗶𝗻 𝘆𝗼𝘂𝗿 𝗶𝗻𝗳𝗿𝗮 𝘁𝗵𝗮𝘁 𝗻𝗼 𝗼𝗻𝗲 𝗿𝗲𝗺𝗲𝗺𝗯𝗲𝗿𝘀? 📌 𝗩𝗼𝗹. 𝟬𝟯 𝗱𝗿𝗼𝗽 𝗧𝗶𝘁𝗹𝗲: When Google Drive Became the Threat Actor You’re not ready for this one. 👀 𝗙𝗼𝗹𝗹𝗼𝘄: PSY9 Security 📬 𝗗𝗠 𝘂𝘀: To share your anonymous war story 🧩 𝗪𝗮𝗻𝘁 𝗮𝗻 𝗔𝗣𝗜 𝘁𝗵𝗿𝗲𝗮𝘁 𝘀𝗰𝗮𝗻? No pitch. Just truth. #CyberSecurity #PSY9Casefiles #PSY9Security #RealSecurity #CloudSecurity #ZeroTrust #APISecurity #DevSecOps #RedTeam #InfoSec #SecurityAwareness #SecurityStrategy #CSPM #IncidentResponse #ThreatIntel

🚨 We’re Hiring! Join the PSY9 Security Team 🚨 Position: Junior Penetration Tester (1-3 Years Experience) 📍 Location: On-site 📧 Apply: talent@psy9.in | CC: shakti@psy9.in At PSY9 Security, we’re looking for a highly motivated and skilled Junior Penetration Tester to join our Cyber Ops Division. If hunting vulnerabilities excites you and “unauthorized access” (legally, of course) makes your eyes light up – this is your call to #JoinTheDarkSide. 🌟 What You’ll Do: 🔹 Conduct penetration testing on Web, Mobile, APIs, Cloud & Networks 🔹 Perform Active Directory & firewall security assessments 🔹 Review source code for security flaws 🔹 Collaborate with teams on remediation plans 🔹 Stay ahead of emerging threats and tools 🛠 Your Arsenal (Skills & Tools): ✔ 1–3 years in pentesting (Web, Mobile, API, Network, Cloud) ✔ Proficiency in Burp Suite, Nmap, Metasploit, Wireshark, MobSF ✔ Preferred Certs: CEH, OSCP, OSWE ✔ Strong problem-solving & communication skills 🎯 Bonus Skills (Not mandatory, but lethal): Red Team basics PoC crafting wizardry Reporting that tells a story 💰 Perks & Benefits: ✅ Competitive salary + performance bonuses ✅ Continuous learning & certifications ✅ Work with cutting-edge security tech If you’re passionate about cybersecurity and ready to make an impact, send your CV + past hacks (GitHub, reports, project links) to: 📧 talent@psy9.in CC: shakti@psy9.in Subject : Application for Jr Penetration Tester 📌 Tagging: PSY9 Security Shakti Ghodadra Nidhi Rohilla Shreya Dabhi Mausam Gajjar Abhishek Ghosh #CybersecurityJobs #PenetrationTesting #HiringNow #TechJobs #InfoSec #CyberJobs #SecurityCareers #JoinOurTeam #PSY9Security #Cybersecurity #EthicalHacking

🚨 We’re Hiring at PSY9 Security! 🚨 Looking for Junior Penetration Testers (1-3 yrs) to join our Cyber Ops Division. 💥 Hands-on with Web, Mobile, API, Network pentesting? 💥 Passionate about finding & fixing vulnerabilities? 📧 Send your CV + past work: talent@psy9.in | CC: shakti@psy9.in 📍 Location: On-site #CybersecurityJobs #EthicalHacking #PenetrationTesting #PSY9Security #JoinTheDarkSide

🚨 𝐏𝐒𝐘𝟗𝐂𝐚𝐬𝐞𝐟𝐢𝐥𝐞𝐬 𝐕𝐨𝐥. 𝟎𝟏 — 𝐓𝐡𝐞 𝐆𝐫𝐞𝐞𝐧 𝐃𝐚𝐬𝐡𝐛𝐨𝐚𝐫𝐝 𝐋𝐢𝐞 This one still haunts us. A well-funded fintech client brought us in for a standard VAPT. They were confident ✔️ No recent incidents ✔️ All tools showed clean scans ✔️ CSPM dashboards were “all green” But here’s what the tools didn’t catch — because they never do: 🧩 𝐖𝐡𝐚𝐭 𝐰𝐞 𝐮𝐧𝐜𝐨𝐯𝐞𝐫𝐞𝐝 (𝐦𝐚𝐧𝐮𝐚𝐥𝐥𝐲): • A forgotten IAM role created for a vendor 9 months ago, still had full admin rights on prod • S3 versioning was on, but old file versions were public, containing buried .env files with secrets • Dev teams had pushed AWS tokens to a dead Git branch • CloudTrail? Logging to an S3 bucket that was in the same compromised role path • One of their old Jenkins jobs still had a live Slack webhook with write access to incident channels 🧨 𝐑𝐢𝐬𝐤 𝐢𝐟 𝐞𝐱𝐩𝐥𝐨𝐢𝐭𝐞𝐝? → Full AWS takeover → Undetectable lateral movement via Slack → Access to customer data with no alert trail → Direct breach of compliance, with evidence leaking silently for months 𝐓𝐨𝐭𝐚𝐥 𝐩𝐨𝐭𝐞𝐧𝐭𝐢𝐚𝐥 𝐝𝐚𝐦𝐚𝐠𝐞? Conservatively ₹55 crore+. 🛠️ 𝐖𝐡𝐚𝐭 𝐰𝐞 𝐝𝐢𝐝 𝐧𝐞𝐱𝐭: • Revoked dormant keys & roles • Segmented high-risk buckets • Wrote detection rules for token leakage across Git & CI/CD • Mapped all identity flows into visual threat paths • Helped them move from “checklist security” to real risk reduction 🔍 𝐖𝐡𝐲 𝐢𝐭 𝐦𝐚𝐭𝐭𝐞𝐫𝐬: This wasn’t about a zero-day. It was about misplaced trust in dashboards and tools that only see what they’re told to look for. Your infra won’t scream when it's bleeding quietly. This is exactly why 𝐏𝐒𝐘𝟗𝐂𝐚𝐬𝐞𝐟𝐢𝐥𝐞𝐬 exists. Not to brag. But to educate, challenge assumptions, and show that real security happens after the tools go silent. 📅 𝐍𝐞𝐱𝐭 𝐜𝐚𝐬𝐞𝐟𝐢𝐥𝐞 𝐝𝐫𝐨𝐩𝐬 𝐓𝐮𝐞𝐬𝐝𝐚𝐲. Let’s just say… you’ll never look at "secure APIs" the same way again. 👀 𝐅𝐨𝐥𝐥𝐨𝐰 𝐏𝐒𝐘𝟗 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 🔔 Turn on alerts 📬 DM us to share your (anonymous) war stories 🧩 Curious if your infra has ghosts like these? DM us for a no-commitment review — we’ll tell you what your tools won’t. #CyberSecurity #RedTeam #PSY9Casefiles #RealSecurity #InfoSec #VAPT #InfraSecurity #SaaS #ZeroTrust #CloudSecurity #PSY9Security

🚨 Hello LinkedIn community! We’re thrilled to announce something new (and powerful): 🔍 Starting this week, every Tuesday / Thursday, we’re launching the #PSY9Casefiles series. What’s this all about? Every casefile will feature real cybersecurity stories from the frontlines — no fluff, just real impact: ✅ How we helped clients discover hidden vulnerabilities ✅ Chained misconfigs missed by tools ✅ Silent risks sitting inside critical infra ✅ What the report didn’t show — but a hacker would find ✅ And how we translated findings into action Whether you’re a CISO, IT lead, founder, or just someone who’s tired of buzzwords and tool demos — this series is for you. We’ll be sharing: 💡 Hard-hitting takeaways 🛡 Frameworks we actually use in the field 🔦 Stories from industries like pharma, BFSI, SaaS, and more So if you care about real security over checkbox compliance — 👉 Follow PSY9 Security 👉 Hit “🔔” to stay updated 👉 And DM us if you’d like to be anonymously featured 👀 Let’s make cybersecurity more transparent, story-driven, and worth your scroll. #CyberSecurity #VAPT #RedTeam #InfoSec #CaseStudy #TechLeadership #CyberStories #PSY9Casefiles #PSY9Security #SecurityDoneRight #VCISO #IndianTech

🎯 ATAL FDP 2025 | Day 1 Highlights 📍 Marwadi University | Faculty of Computer Applications The inaugural day of our AICTE-sponsored offline Faculty Development Program on "Cybersecurity for a Sustainable Digital Future – Research, Challenges & Innovations” kicked off with enthusiasm, insights, and innovation! 🙏 The event was inaugurated by: 🔹 Prof. (Dr.) R. B. Jadeja – Provost, Marwadi University 🔹 Shri Naresh Jadeja – Executive Registrar 🔹 Prof. (Dr.) R. Sridaran – Dean, FCA 🔹 Dr. Sunil Bajeja – HoD, FCA 💡 Expert Sessions: 🔐Mr. Shakti Ghodadra – CEO & Founder, PSY9 Security Pvt. Ltd. Topic: Cybersecurity Compliance in Web Applications: Aligning with DPDP 🛡️ Dr. Dharmesh Shah – Scientist-B, INFLIBNET Topic: Infosec Essentials and Risk Management for Academia It was a powerful start to a week filled with deep insights and knowledge exchange on the evolving cyber threat landscape. Stay tuned for more updates from #ATALFDP2025! #MarwadiUniversity #CyberSecurity #DPDPCompliance #RiskManagement #AICTEATAL #FCA #DigitalSecurity #CyberAwareIndia

At MARWADI UNIVERSITY - Faculty of Computer Applications we are pleased to announce the hosting of a comprehensive six-day offline ATAL-FDP sessions. This esteemed event will feature nine renowned speakers, ensuring an enriching and informative experience for all attendees. Shakti Ghodadra, Prof.(Dr.) Ipseeta Nanda, Rishika D., Dr. Ram Kumar G, Ph.D, CISM, PMP, Divan Raimagia, Shatrudhan Pandey & Dr. Anjali Diwan

🔒 Microsoft’s July Patch Tuesday: 137 Vulnerabilities Fixed! Including 1 publicly disclosed zero-day in SQL Server. Critical updates for Windows, Office, SharePoint, and more. Timely patching = stronger defense. 🛡️ Stay ahead with PSY9 Security. Khush Bhatt Shakti Ghodadra Abhishek Ghosh #PatchTuesday #ZeroDay #CyberSecurity #Infosec #MicrosoftSecurity #ThreatIntel #VulnerabilityManagement #PSY9Security #WindowsUpdate #DataProtection #CyberThreats

🛡 Cybersecurity: The Perception vs. The Reality 🛡 While the boardroom often sees “Cybersecurity” as a single checkbox ✅ — CISOs live in a world filled with 30+ moving parts. From risk management to AI/ML security, from patching endpoints to detecting insider threats, the job goes far beyond the surface. 👊 To every CISO out there who’s more Thor than Superman — we see you. Shakti Ghodadra Khush Bhatt Abhishek Ghosh Mausam Gajjar #Cybersecurity #CISOReality #RiskManagement #ThreatDetection #BoardroomVsReality #PSY9Security #VAPT #Governance #CyberAwareness #PSY9

🚨 Hiring Alert!! We’re hiring a Sr. Infosec Manager in #Mumbai for one of our top stockbroker clients. Requirements: 🔹 5+ yrs InfoSec experience (#BFSI preferred) 🔹 Strong in #SEBI, #CSCRF, #ISMS, #NIST standards 🔹 Experience in implementation of security controls, tools, policies, etc. 🔹 Dynamic mindset, takes ownership ⚡Bonus: Immediate joiners preferred! 📩 Send CVs to ceo@psy9.in & shreya@psy9.in with subject: Infosec Manager (GRC) role with PSY9 Mumbai 🔥 Tag or share with someone perfect for this! #Hiring #Infosec #GRC #MumbaiJobs #Cybersecurity #ImmediateJoining #Leadership #JoinUs