Denys Shavrovskyi

Shavrovskyi Denys Oleksandrovych.

Address: Ukraine, Kropyvnytskyi,

Date of birth: 01.05.1983.

Marital status: Single

GOAL

Windows Kernel Drivers Developer/Kernel Drivers Architect.

TECHNICAL SKILLS

 Programming languages: C/C++/asm, c++(ATL/STL).

 Windows Kernel Drivers Development Kit: WDK, SDK, Visual Studio.

 Windows Kernel Drivers Debugging Tools: WinDBG via NET and COM ports.

 User mode development and debugging: Visual Studio, SDK, Visual Studio Remote Debugging Tools.

 Working with VMware Workstation Pro.

 Working with MSDN documentation.

 Reverse engineering: IDA Pro disassembler and the Hex Rays decompiler, WinDBG, OllyDBG, and WinHEX editor.

EXPERIENCE

 C/C++/asm programming languages, writing code according to the code-style approved by the company. Using SAL for code annotation, a static analysis utility, Driver Verifier, Application Verifier.

 Development of drivers for Windows using low-level interception of system functions with race-condition protection (TOCTTOU), mini-filters of file systems, registry filters. Research of undocumented OS features and structures, critical errors in drivers, buffer overflow errors, string formatting errors, etc. Knowledge of PE format.

 Good knowledge of Windows NT information security, WinAPI: research of critical software vulnerabilities, methods of bypassing protection systems.

 Development of ATM protection systems based on proprietary technologies (the TPSecure product was installed on more than 95,000 ATMs of the Russian Federation and payment terminals in Russia and around the world according to Safe'n'Soft company data for 2013),

 Development of DLP systems.

 Experience in developing own effective technologies for detecting the presence of rootkits in the system (Safe'n'Sec rootkit detector (RkTrap) successfully detected Bootkit (BackDoor.MaosBoot) after 2 years the completion of the detector development, but it was not detected then by the vast majority of other rootkits -detectors and antirootkit solutions).

 Knowledge and understanding of the principles of code optimization (multithreaded kernel-mode <-> user-mode communication using I/O completion ports, compact placement of objects in memory - prevention of fragmentation and swapping, fast sorting and searching of data, cache for repeated requests, etc.

 Experience with the IDA Pro disassembler and the Hex Rays decompiler, WinDBG, OllyDBG, researching software protectors and complete its removal (SafeDisk 2.51, Asprotect 1.xx, Armadillo, etc.), researching of a malicious code. Bypassing protection against disassembly, debugging and working in the environment of virtual machines, development of non-standard methods of researching malicious code. Experience in researching malware using rootkit technologies.

2021-2024. "Comodo Security Solutions, Inc (Xcitium)" Odesa, Ukraine. Windows Kernel Drivers Developer/Kernel Drivers Architect (full time, remote work).

2018-2021. "Comodo Security Solutions, Inc" Odesa, Ukraine. Senior Kernel Drivers Developer (full time, remote work).

Software development. Development and support of product functionality Comodo Endpoint Security, COMODO OpenEDR:

 Audit and refactoring of existing driver code, fixing critical vulnerabilities and architectural flaws.

 Development of new and support of existing functionality of drivers and components necessary for the operation of COMODO SandBox, HIPS, real-time-AV, Viruscope.

2010-2017. "Kaspersky Lab AO" Moscow, Russia. Senior Kernel Drivers Developer in CoreDriversGroup, chief specialist of anti-virus software self-protection (full-time, remote work).

Software development. Development and support of product functionality Kaspersky Antivirus, Kaspersky Internet Security, Kaspersky Endpoint Security for Business, Kaspersky Fraud Prevention.

 Development and support of driver functionality for self-protection, HIPS, BSS (patterns of dangerous behavior), SW (System Watcher), Safe Banking.

 Analysis of vulnerabilities and new types of attacks on the company's products, development of concepts and implementation of effective countermeasures for complex threats.

 Development of a concept and its implementation to protect against different types of TOCTTOU attacks in Windows kernel mode interceptors.

2006-2010. "Safe’n’Soft (StarForce)" Moscow, Russia. Senior developer (full time, remote work).

Software development. Development and support of product functionality SysWatch TP Secure, Safe'n'Sec Personal, DLP-Guard. Releases of new products:

 Software for protecting confidential information and employees' workplaces from internal and external threats: DLP Guard v 3.5, TPSecure Teller.

 Protection for ATMs and POS terminals: TPSecure v 3.5.

 Host Intrusion Prevention System (HIPS) for home users - Safe'n'Sec Personal v3.0/3.5/3.6.

2003-2006 Development company «ASTRA» Kropyvnytskyi. Radio technician engineer, full time.

 Development of automated control systems for CNC machines based on single-chip microcontrollers and FPGA.

EDUCATION

2000-2003 Technical high school Kropyvnytskyi.

Specialty: Radio technician (design, production and maintenance of radio technical devices).

ADDITIONAL INFORMATION

Ready to work in a team and individually. I'm sociable, stress-resistant, show initiative. I have a responsible attitude to work, capable of quick self-study. I have many years of experience of permanent remote work (15+ years in Cybersecurity).