Xiangrui Kong

Xiangrui is a Certified Information Systems Security Professional (CISSP), EnCase Certified Examiner (EnCE), and a CREST Practitioner Intrusion Analyst (CPIA). He holds the Cellebrite Mobile Forensics Fundamentals (CMFF) and Certified Physical Analyst (CCPA) certificates, alongside the following SANS GIAC certificates: Certified Forensic Analyst (GCFA), Certified Incident Handler (GCIH), Certified Defending Advanced Threats (GDAT), and Certified Reverse Malware Engineering (GREM).

Xiangrui has delivered on notable projects in many different industries and for a variety of investigations, including:

• Led proactive cyber risk engagements and threat-led reviews, surfacing previously undetected compromises and enabling early containment.
• Directed incident response for organizations targeted by organized cybercrime, coordinating investigation, stakeholder communications, and remediation planning.
• Oversaw complex, multi-workstream investigations, aligning technical activity with legal, regulatory, and executive reporting requirements.
• Managed sensitive internal investigations involving suspected data or intellectual property misappropriation, supporting leadership and counsel with clear, defensible findings.
• Advised on account compromise and payment diversion matters, helping clients strengthen identity controls and reduce business email compromise exposure.
• Delivered enterprise data security reviews, prioritizing practical improvements to governance, controls, and monitoring.
• Supported organizations through high-impact ransomware and extortion events, guiding containment, recovery, and post-incident resilience enhancements.