Subscribe to NetSec News
Jessica Owens
In this Intern Review, we hear from Prashanth Kodiyalam about what it's like working at Ingalls and what's next in his cybersecurity career journey.
_Pic.jpg?width=150&height=150&name=Intern%20Midterm%20Review%20(Prashanth%20Kodiyalam)_Pic.jpg)
Our Spring 2024 Internship cohort has four determined interns who’ve joined us from LSU to learn what it’s like working in a Security Operations Center (SOC). Now that they’ve had a moment to breathe, we thought it was time to conduct an interview to learn about them and their experience inside the SOC at Ingalls!
Read on to hear from our intern, Prashanth.
What have you learned about working within a SOC during this internship?
Primarily, I've learned how to triage security cases and develop an investigative methodology to proactively differentiate between true threats and false positives. Furthermore, through the guest speakers and general shadowing, I'm starting to understand the different roles that revolve around a SOC, and the overall architecture that is required for operations to take place. I believe I've also had the most fun with just experimenting with different tools, and seeing what they do!
What has been the most interesting technique you've seen a threat actor attempt?
I think the most interesting technique I've encountered so far was a malware incident that involved the Houdini RAT Trojan, which used code obfuscation to make it extremely difficult for a security analyst to determine what was going on. If I remember correctly, it took advantage of LNK files and injected code into the file's property section. Every time the user clicked on the LNK file (or in cases where it was executed from startup), the malware would replicate in the system and thereby create persistence while reducing process performance. In this case, the trojan was loaded through a USB, rather than through traditional phishing methods.
How has this internship influenced your outlook and career path in cybersecurity?
The internship has solidified my interest in cybersecurity. I believe that this opportunity will pave the way for me to enter into different subfields of cyber such as incident response, offensive security, threat hunting, etc.
What are your favorite resources for what's happening in cybersecurity?
My favorite resource honestly would have to be NIST.gov. Every day there is a new breach, or exploit, that is thoroughly documented but can be understood by those who are not exposed to cyber concepts. Random LinkedIn posts and YouTube channels such as Darknet Diaries have also fueled my curiosity.
What are your upcoming activities/educational goals for the next year?
Currently, I am a senior at LSU graduating this semester. My primary goal now is to make sure I reach graduation and obtain the AWS SAA certification. I have been also looking for full-time opportunities within the cybersecurity space. I hope to get my foot in the door as a security analyst next year.
What do you enjoy doing in your free time to reach a work-school-life balance?
In my free time, I generally like to homelab and listen to podcasts on the latest conspiracy theories.
Are you interested in becoming one of our awesome interns? Check out our SOC Intern Yearbook and reach out to our team directly for more details.
