Charbel Farhat

Security Researcher | Backend & Cloud Engineer

I'm a Backend and Cloud Engineer with a passion for Security Research and Threat Intelligence.

Interests: Python, Cybersecurity, Distributed Systems, Cloud Computing, CTFs

Recent Projects

Cloud SaC Pipeline

22 Oct 2025

Automated security scanning pipeline that catches IaC vulnerabilities before deployment

DevSecOps Terraform Cloud GCP Python GitHub Actions Security

See all projects on GitHub

Blogs

The False Sense of Security in Supply Chain Scanning

07 Jan 2026

Modern software is built on layers of third-party dependencies, CI/CD tooling, and external services. Supply chain attacks exploit this trust by compromising components upstream, allowing malicious code to spread downstream into otherwise legitimate applications. The impact and frequency of these...

Supply Chain Attacks DevSecOps SAST GuardDog semgrep YARA PyPI npm

TryHackMe - DiskFiltration (Hard)

30 Dec 2025

Lately I’ve been investing a lot of time into TryHackMe’s Security Analyst path (SOC L1, SOC L2, Advanced Endpoint Investigations) in order to sharpen my blue teaming skills. DiskFiltration is a fun challenge that I came across today. Challenge Intro...

CTF Blue Team SOC DFIR

Solving GCP Pentest Lab

05 Nov 2025

GCP Pentest Lab is a vulnerable cloud environemnt designed to learn and exploit clouod misconfigurations and vulnerabilities. We will be jumping around the environemnt using different security flaws to uncover embedded flags left for us. Setup All we have to...

Cloud Security GCP CTF

See all 11 blogs

Career Changelog

This changelog is a fun little experiment I built to showcase my journey. For a complete overview of my experience and skills, my resume is available upon request.

All notable changes to this project (my career) will be documented in this section.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

1.2.0 - Mid-level Backend Engineer @ GrowerAI (June 2025 to Sep 2025)

Added

Skills to develop SaaS solutions.
Use of Agile methodologies.
Use of Python, Java, FastAPI, PostgreSQL, Docker, Kubernetes, GCP, CI/CD Pipelines.
Building of scalable distributed systems using microservices and RESTful APIs.
Integrating different AI models and agents for data analysis and image generation.
Knowledge in SDLC, system design, testing, cloud platforms...
Broad Knowledge in MarTech and the Marketing industry.

1.1.0 - Backend & Cloud Engineer @ WITS (Sep 2022 to Mar 2025)

Added

Skills to develop SaaS solutions.
Use of Agile methodologies.
Use of Python, C++, FastAPI, MongoDB, Elasticsearch, Docker, Kubernetes, Celery, RabbitMQ, Redis, AWS, GCP, CI/CD Pipelines, Ansible, NGINX, Cloudflare.
Building of scalable distributed systems using microservices and RESTful APIs.
Knowledge in SDLC, system design, testing, cloud platforms...
Deeper knowledge in the Cybersecurity industry: HFM, recon, vulnerabiity scanning, automation...

1.0.0 - Software Developer Intern @ WITS (Aug 2022 to Sep 2022)

Added

Use of Python, C++, FastAPI, PostgreSQL, Docker, Celery, RabbitMQ, Redis.
knowledge in the Cybersecurity industry.

0.1.0 - The Beginning (2022)

Added

The beginning of my professional journey into software engineering with a passion for problem solving and cybersecurity.