Shahmeer Amir started his career to achieve extraordinary things in life by completing his Bachelor of Engineering in Electrical and Electronics Engineering. His passion and interest in cyber security pushed him forwards, and he went for a Master’s degree in Cyber Security from EC-Council University. However, his urge to gain more experience and explore cybersecurity and ethical hacking led him to get a Master in Digital Currency and Cryptocurrency from the University of Nicosia and later a Ph.D. in Blockchain security from the same institute.
Just recently, Shahmeer Amir completed his 10-month Post Graduate Certificate in the Cybersecurity program at MIT. The program is the first-ever executive education program from MIT xPRO in collaboration with Emeritus. It has been launched to meet the increasing demand for trained talent in cybersecurity. This program allows mid and senior-level career professionals who have established their careers in information technology and are looking to improve their organization’s preparedness and response against cyberattacks to grow their careers as leaders in cybersecurity strategies.
Shahmeer Amir holds multiple cyber-security certifications from renowned organizations such as EC-Council, Mile2, and eLearnSecurity. Shahmeer Amir has extensive experience as a Cyber Security Advisor for countless organizations, including governmental agencies. He planned and implemented policies in Pakistan’s critical institutes, such as FBR & PSX. He also developed the growth strategy and roadmap based on internal stakeholders and business requirements, consumer trends, and technology landscape on projects such as Deep Sea Tracking, Digital transformation of Legislation, and Digitization of Pakistani Cultural Content.
In addition, he orchestrated multiple cyber security projects with over 400 fortune companies, including Facebook, Microsoft, Yahoo, and Twitter, and resolved critical security issues in their systems.
Interestingly, the world is facing serious challenges related to the internet and security. For example, digital assaults are a threat today as they can damage global organizations. Consequently, cyber security is a genuine requirement and has a broader scope worldwide.
During his tenure at various organizations, he faced many challenges and problems but never gave up. After becoming the third most accomplished bug bounty hunter, he founded Veiliux, one of Pakistan’s top cyber security consulting companies that helps other companies secure their assets from cyber-attacks. It is also Asia’s first mainstream Cyber Security startup. Furthermore, Veiliux aims to secure all kinds of organizations and is currently present in Asia Pacific, UAE, and the UK.
His education and willingness to acquire knowledge about writing codes led him to be a world-renowned Ethical Hacker. Till now, he has been successfully recognized by 400+ companies. In addition, he has received multiple awards, attended 70 national and international conferences, and represented Pakistan at Blackhat, focusing on “Bypassing next generation 2FA implementations” and “Securing your infrastructure using Bug Bounty programs” and later in Hackfest Canada in October 2022.
He keeps seeing problems and developing creative solutions. For example, Younite will resolve the major issue of poor audio feedback on critical conferencing platforms like Zoom and Skype. Authiun is the complete password-less authentication solution for organizations in the 21st century, focused on biometrics. This biometric technology is the future of authentication security as it is a more secure, quick, accurate, and easy way for users to access sensitive information.
“Breaking the web with Logics” is one of his famous publications. It is based on vulnerabilities in Modern Business Logic that exist in online applications and endangers the program. This article breaks down the hierarchy of business logic testing techniques into multiple parts, focusing on each one independently with the help of an example. It also includes several business logic issues in modern online apps and a strategy for how developers should fix those flaws.
This paper’s primary objective is to assist web application security researchers and developers in differentiating between traditional vulnerabilities in web applications and those linked to logical aspects. In addition, this research aims to persuade the reader that, in the future, automated scanner technology will improve to the point where traditional vulnerabilities won’t need human interaction, and only business logic vulnerabilities will exist to exploit traditional ones.
Shahmeer Amir is also a TED speaker, and he has spoken at numerous international and national information security and blockchain conferences in UAE, Malaysia, and Canada. Shahmeer also has multiple publications to his name. His stand-out books include Bug Bounty for Dummies and Bug Bounty Essentials. The Bug Bounty Essentials introduces readers to Bug Bounty hunting. Then, it further digs deeper into concepts of vulnerabilities and analysis, such as HTML injection, CRLF injection, etc. Finally, it provides the reader with hands-on experience working with tools used for bug hunting and various blogs and communities to be followed.