To keep his edge, international cybersecurity expert Nipun Jaswal does more than stay up on current security threats and trends; he literally keeps his hands in the game, regularly coding—in up to 10 different languages—and doing lab work including exploring attack vectors and hunkering down with disassemblers and debuggers.
Remaining “deeply technical” is not just part of his practice, it’s also fundamental to his leadership philosophy, which centers on staying curious and “close to the core of innovation.”
Jaswal currently works for NTT Data in India, where he’s Global-Capability Leader for Offensive Security. He is also one of Computing’s Top 30 Early Career Professionals for 2024.
In the following Q&A, Jaswal describes
How combining deep theoretical grounding with hands-on expertise helps him to lead others with clarity and empathy, as well as sustain his forward-looking approach toward emerging technologies and security. His discovery of the zero-day CVE-2017-13696 stack-based buffer overflow vulnerability and the impact that discovery had on the broader cybersecurity learning ecosystem. How a challenger’s mindset drives his vulnerability research in a way that complements rather than opposes developers’ work. Why cybersecurity training for law enforcement professionals must go beyond theory and tools and focus on hands-on training grounded in context and real-world threat scenarios.
You have authored 12 books on forensics and penetration testing. What inspired you to write these books, and how do you hope they contribute to the field of cybersecurity?
The inspiration came from a very personal place; I didn’t want to write just another book that repeated what was already publicly available. When I began writing Mastering Metasploit, my first book, I spent significant time researching, experimenting, and going beyond conventional documentation. I wanted to create something original, practical, and deeply insightful—something I wished I had when I was starting out.
My goal was to provide hands-on knowledge, real-world techniques, and practical walkthroughs that help professionals truly understand the tools, not just use them. These books reflect that intent, to empower the community with content that’s not just educational but also transformational. If even one reader gains a new perspective or sharpens their thinking because of my work, I consider that a meaningful contribution to the field.
Representing India at the BRICS Cyber Security Challenge and achieving the runner-up position is a significant accomplishment. Can you share your experiences with this competition and the key takeaways?
... continue reading