about

Dhruv Majumdar, VP of Security Solutions. Two decades plus across MxDR, VMDR, Cyber Threat Intelligence, and Red Teaming. These notes are the working-out: the tools, the patterns, and the moves that survive contact with real adversaries and real fleets.

Most of what I write touches the seam between detection theory and operational reality — where MxDR programs run on artifacts not catalogs, where vulnerability response works backwards from exploit primitives instead of forwards from a CVE ID, and where a red team’s “found it” only matters if the blue side can reproduce it on every endpoint they own.

What I work on

  • MxDR — Managed Extended Detection and Response — operating detection programs across endpoint, identity, cloud, and SaaS planes; turning telemetry into reproducible, action-ready signal.
  • VMDR — Vulnerability Management, Detection, and Response — pre-CVE response, artifact-based exposure scoping, and closing the gap between “the vendor said this fixes it” and “the host actually fixed it.”
  • Cyber Threat Intelligence — adversary tradecraft to detection engineering pipeline; making CTI count where it matters (the query, the policy, the run-book), not where it doesn’t (the slide).
  • Red Teaming — engagement design, tooling, and the post-exercise translation into durable defensive instrumentation.
  • AI for security operations — natural-language interfaces over Fleet / osquery / MCP with the SQL still visible to the analyst. Where the model accelerates the work without hiding it.

Speaking

BSides, DC416, conINT, HacKP, and others. Topics span AI-assisted threat hunting, supply-chain incident detection, and adversary emulation tradecraft.


Opinions are my own.