Hi everyone! 👋 My name is Thai Duong (widely known as Thai Duong Sec or DuongSec). I’m a Data Security Specialist and Information Security Auditor with a passion for building resilient systems that stand strong against modern cyber threats.
My career is driven by a simple but powerful mantra: "Security by Design, Privacy by Default." I believe security shouldn't be a "patch" applied at the end—it must be the foundation of the architecture itself.
🛠 My Technical Arsenal & Background
I am an alumnus of the Academy of Cryptography Techniques (KMA), the leading institution for information security in Vietnam. To bridge the gap between management strategy and technical execution, I’ve earned several industry-recognized "heavyweight" certifications:
CISSP & CISA: For security governance and auditing.
OSCP & CEH: For hands-on offensive security and penetration testing.
Core Expertise:
Zero Trust Architecture: Designing multi-layered security models where "never trust, always verify" is the rule.
Compliance Consulting: Helping financial and banking sectors navigate complex regulations like GDPR and ISO 27001.
Blue Team Operations: I've spent years in the trenches at major banks, managing large-scale data breach incidents and implementing long-term remediation strategies.
🌍 Community & Recognition
I'm a firm believer in giving back to the infosec community. You might have seen my name on:
Microsoft Security Response Center & Google Vulnerability Reward Program (VRP).
The appreciation list of the National Cyber Security Center (NCSC).
Guest speaker sessions at OWASP Vietnam Chapter.
Expert commentary on major Vietnamese tech news outlets like Tuổi Trẻ and ICTNews regarding Ransomware and online fraud.
📑 Sharing Knowledge
On my personal blog thaiduongsec.vn, I share deep dives into:
Malware Analysis & Digital Forensics.
Practical tools like my Password Leak Checker (integrated with HaveIBeenPwned).
Security Checklists: Helping individuals and devs stay safe with "10 steps to protect personal data."
You can also find my automation scripts for vulnerability scanning on my GitHub.
📫 Let's Connect!
I'm always open to discussing DevSecOps, data privacy, or the latest 0-day vulnerabilities.
Website: thaiduongsec.vn / secwithduong.com
LinkedIn: Let's talk strategy with CISOs & DPOs.
X (Twitter): For quick takes on CVEs and tech news.
Email: thaiduongsec@gmail.com
Hotline: 0912 776 965
Office: 328 Ho Hoc Lam, An Lac, Binh Tan, Ho Chi Minh City, Vietnam.
Top comments (0)