About

My name is Arkadiy Tetelman - I live in San Francisco and work as a Security Architect at Chime. Previously I worked as:

I graduated from UC Berkeley with degrees in Computer Science and Applied Mathematics.

Security Paved Roads at Chime, Resourcely Podcast, 8/13/2023 (video)
What Does it Mean to Build a Proactive Security Culture in an Organization, BSides SF, 4/22/2023 (slides, video)
SecuriTEA & Crumpets Podcast, 4/29/2022 (video)
Accel Scholars: How to Grow Your Engineering Career, UC Berkeley, 4/13/2022
Comparative Prodsec Programs, Enigma, 2/2/2021 (video)
Security Culture, Tech Trek podcast, 11/24/2020 (audio)
Non-Political Security Learnings from the Mueller Report
- BSides SF, 2/23/2020 (slides, video)
- BSides Dallas, 11/2/2019 (slides)
- Appsec Global DC, 9/12/2019 (slides)
Concrete Steps to Create a Security Culture, BSides SF, 3/4/2019 (slides, video)
Enlisting Ethical Hackers to Solve Cyber Risk, RIMS Cyber Risk Forum, 10/4/2018
Data Driven Bug Bounty, BSides SF, 4/15/2018 (slides, video)

Some of my currently active open source projects include:

protodump: a tool for extracting grpc/protobuf definitions from closed-source binaries
bounty-targets-data: an hourly-updated repo containing a list of all Hackerone/Bugcrowd in-scope domains
aws_public_ips: a tool for fetching all public IP addresses tied to an AWS account
zoom-redirector: a browser extension to open Zoom meetings using their hidden web client
ssrf_filter: a ruby gem for protecting against server side request forgery vulnerabilities
ddexport: a command line utility for downloading Datadog logs and spans via their API (their UI limits exports to 5000 rows of results)
chrome-extension-downloader: a command line utility for downloading and unpacking chrome extensions from the Chrome Web Store
free-ft: a Chrome extension to give free access to unlimited articles on the Financial Times
dftest: a small command line utility for testing server responses to domain-fronting requests