Cryptography introduced me to the field of Information Security (I was mainly a Maths student). Then, I also got interested in Networks later on, which led me to the exciting field of Intrusion Detection Systems and Machine Learning (my PhD topic, 2005). Thereafter I joined a product company as a Security Research Engineer, working on analysing and developing signatures for real attacks. I joined University of Trento, Italy as postdoc to continue working on ML and Security.

A big change came to my research direction when I joined Verimag (University of Grenoble, France) as a postdoc. This was the place where I learned good program analysis and applied it to binary code (Intel x86). A major chunk of what I do now, i.e. security program analysis, started during that time. I was mainly fousing on static analysis while, on the same time, paving my path for another very exciting field of Fuzzing-- a dynamic security analysis technique.

It is at Vrije Universiteit (VU), Amsterdam where I did some of the most impactful work on fuzzing. I was a part of VUSec group (led by Prof. Herbert Bos and Cristiano Giuffrida). VUSec provided me enough opportunity to get my hands dirty with more low-level (system-ish) things, which helped me in consolidating my research ideas.

In between these important positions, I also spent time at other very good places-- IIIT Hyderabad (Asst. Prof.), Infosys (Seniour Research Associate).