// Senior Security Engineer @ COGNNA · Riyadh, SA
Security Architecture · Detection Engineering · DFIR · Cloud Security (GCP) · Published CVE Researcher

Senior Security Engineer with 5+ years of experience across security architecture, detection engineering, and digital forensics & incident response (DFIR). I specialize in securing enterprise and cloud environments on GCP, optimising EDR stacks, and engineering detection coverage in Google SecOps (Chronicle).

At COGNNA (Riyadh) I lead security architecture design, build SIEM detection rules and dashboards, automate workflows with n8n, and manage the full incident lifecycle, from compromise assessment to remediation tracking. I have also published three critical CVEs (CVE-2022-2921, CVE-2022-2927, CVE-2022-2888) through responsible disclosure on Huntr.dev.

A strong believer in the power of open knowledge: every CVE report, blog writeup, and open-source tool is my contribution back to the community that shaped me.

A comprehensive open-source collection of tools, cheat sheets, and resources for ethical hackers and penetration testers. Covers CEH, OSCP, eCPPT, and PNPT frameworks, battle-tested in real engagements.
View Project →

A curated, practical guide to the most essential Linux commands for security professionals and system administrators, battle-tested in real pentesting engagements and designed for rapid field reference.
View Project →

Published SOC/Blue Team challenge on CyberDefenders using the ELK stack. Helps defenders practice real-world incident response, log analysis, and threat hunting scenarios in a safe environment.
View Project →

Active research and contributions to MITRE ATT&CK-aligned tooling and threat modeling. Uses Mitre-Assistant to map adversary TTPs, build detection strategies, and validate security controls.
View Research →

Technical writeups covering malware analysis, Windows internals, DFIR techniques, CTF walkthroughs, and adversary simulation, all freely shared with the community to advance collective knowledge.
Read Blog →

Professional Cloud Security Engineer
Validates expertise in designing and implementing secure infrastructure on GCP: IAM, data protection, network security, and governance controls.
Verify Credential →

Professional Security Operations Engineer
Validates expertise in security operations, threat detection, Chronicle SIEM, and building detection-as-code pipelines in Google SecOps.
Verify Credential →

Certified CyberDefender · CyberDefenders
Demonstrates Blue Team skills in threat hunting, SOC operations, log analysis, and incident response across real-world scenarios.
View Platform →

Certified Ethical Hacker · EC-Council
Covers all 20 ethical hacking domains, from footprinting and network scanning to malware analysis and social engineering.
Verify Credential →

Huntr.dev · 3 Critical CVEs
Published three critical CVEs through responsible disclosure on Huntr.dev. Collaborated with development teams to guide mitigation strategies.
View Profile →

Blue Team Challenge Author & CCD
Published the Elastic-Case Blue Team challenge using the ELK stack. Helps SOC analysts practice real-world incident response and log analysis.
View Challenge →

For verified credentials visit linkedin.com/in/abdullah-baghuth

A deep-dive into how modern malware abuses Windows APIs, process injection, and LOLBins to evade detection and establish persistence.
Read More →

Step-by-step walkthrough of a complex CTF challenge combining SSRF, SSTI, and privilege escalation to achieve full remote code execution.
Read More →

How to operationalize the MITRE ATT&CK framework into actionable detection rules in Elasticsearch, tested against real adversary TTPs.
Read More →

Whether you're looking for a penetration tester, want to collaborate on security research, or just want to talk about the latest threat landscape, my inbox is always open.
Email: abdullahsalem7737@gmail.com