CDSA • RHCSA • CSO

Nadim Saliby

Chief Security Officer, WhoMeta

I secure high-assurance environments where breach equals existential risk. AKS/Kubernetes hardening. Policy-as-code enforcement. Threat intelligence integration. OSCP-validated offensive perspective applied to sovereign cloud operations.

Contact Case Studies

Security Operations Scope

What I've delivered at scale

250+

Production Servers

Multi-region AWS/Azure

12 mo

Platform Acquisition

Founded → acquired by WhoMeta

Sovereign

Cloud Security

Policy-as-code + K8s hardening

Air-gapped

Threat Intel Platform

Autonomous darknet discovery

Sovereign Cloud Security

Leading infrastructure and platform security for WhoMeta sovereign cloud. AKS/Kubernetes workload hardening. Wazuh SIEM deployment for distributed correlation. Operating where breach equals existential risk.

Current • CSO

Founded → Acquired (12 months)

Built DarkHuginn from concept to acquisition by WhoMeta. Autonomous threat intelligence platform integrated into production workflows for air-gapped intelligence collection.

May 2025

250+ Production Infrastructure

Managed security for 250+ AWS/Azure instances across distributed data centers. Zero-downtime blue/green deployments. Automated remediation at scale. Infrastructure-as-code with Ansible.

Dubai • 2 years

Offensive Security Research

Published UAC bypass research and anti-forensics analysis. Offensive perspective applied to defensive architecture and detection engineering.

Published

Certifications CDSA • MCSE • MCSA

B.S. Information & Communication Technology Digital Forensics • American University of Science and Technology (AUST)

Multilingual Operations Arabic (Native) • English (Fluent) • French (Fluent)

</track_record>

PLATFORM ACQUIRED 2025

DarkHuginn

Autonomous darknet intelligence platform for hidden-service discovery, cryptocurrency tracing, and adversarial infrastructure mapping. Acquired by WhoMeta for integration into production workflows supporting air-gapped and OPSEC-sensitive environments.

Python Flask/Django Elasticsearch MISP RabbitMQ

Press Release

RESEARCH

Windows UAC Bypass Research

Documented proof-of-concept for Windows UAC bypass via fodhelper.exe. Demonstrates privilege escalation vector for security validation and penetration testing operations.

Publication

RESEARCH

Anti-Forensics Analysis

Technical analysis of anti-forensics techniques, evasion methodologies, and evidence integrity considerations for defensive security operations and incident response planning.

Publication

TOOLING

OSINT & Triage Utilities

Browser-based security utilities for IOC extraction, PDF triage, EXIF sanitization, and hashing operations. Client-side processing for OPSEC-sensitive environments requiring air-gapped analysis workflows.

Image Inspector

EXIF + metadata triage with local-only processing.

Open tool

PDF Inspector

Static metadata and embedded object assessment.

Open tool

IOC Extractor

Normalize and extract indicators from unstructured text.

Open tool

Hash Lab

Fast, client-side hashing for verification and triage.

Open tool

</contributions>

Acquisition

DarkHuginn: Autonomous Threat Intelligence

Built a platform for hidden‑service discovery, crypto tracing, and adversarial infrastructure mapping. Acquired May 2025 and integrated into production workflows.

Founder & Chief Architect 2024 – 2025

View acquisition release

Infrastructure

250+ Server Security Program

Secured and automated multi‑region AWS/Azure fleet. Built monitoring stacks, implemented segmentation, and executed zero‑downtime migrations.

Cloud Engineer 2023 – 2025

Research

UAC Bypass & Anti‑Forensics Publications

Published actionable research on Windows UAC bypass and anti‑forensics techniques for defensive validation and incident response.

Independent Research Publications

UAC bypass Anti‑forensics

</case_studies>

2025

CURRENT

Chief Security Officer

WhoMeta

May 2025 – Present

Leading infrastructure and platform security for sovereign cloud operations. Securing AKS/Kubernetes workloads with policy-as-code enforcement, deploying Wazuh SIEM for distributed correlation, and integrating DarkHuginn for threat intelligence. Operating in environments where breach = existential risk.

Kubernetes/AKS Helm Wazuh SIEM Threat Intel Policy-as-Code

2024

ACQUIRED MAY 2025

Founder & Chief Architect

DarkHuginn

2024 – May 2025 (Acquired by WhoMeta)

Founded and built darknet intelligence platform for hidden-service monitoring and adversarial infrastructure analysis. Architected autonomous discovery engines, cryptocurrency tracing pipelines, and digital footprint correlation systems for threat hunting and investigations. Platform acquired by WhoMeta for integration into production workflows supporting air-gapped intelligence collection capabilities.

Python Flask/Django Elasticsearch MISP RabbitMQ

Official Press Release

2023

Cloud Engineer

Carma, Dubai

March 2023 – March 2025

Managed 250+ AWS machines across distributed data centers. Built monitoring with Icinga/Telegraf/Grafana/ELK. Automated infrastructure with Ansible. Zero-downtime blue/green deployments. Secured Linux servers, implemented IAM policies, configured VPC segmentation.

AWS Ansible Icinga2 PostgreSQL Elasticsearch

Certifications

PWK-200

Offensive Security Certified Professional

PWK 200 - Penetration Testing with Kali Linux

RHCSA

Red Hat Certified System Administrator

Linux Academy

MCSE

Microsoft Certified System Engineer

Network & Server Administration

Education

Bachelor of Science in Information & Communication Technology

Digital Forensics Emphasis

American University of Science and Technology (AUST) Lebanon 2023

</experience>

Executive Contact [email protected]

Professional Network linkedin.com/in/nadimjsaliby

GitHub HackTheBox DarkHuginn

</contact>

Nadim Saliby

Security Operations Scope

Track Record

Sovereign Cloud Security

Founded → Acquired (12 months)

250+ Production Infrastructure

Offensive Security Research

Technical Contributions

DarkHuginn

Windows UAC Bypass Research

Anti-Forensics Analysis

OSINT & Triage Utilities

Applied Tools

Image Inspector

PDF Inspector

IOC Extractor

Hash Lab

Case Studies

DarkHuginn: Autonomous Threat Intelligence

250+ Server Security Program

UAC Bypass & Anti‑Forensics Publications

Career & Credentials

Chief Security Officer

Founder & Chief Architect

Cloud Engineer

Certifications

Education

Contact