Screenshot 2021-12-18 at 3.24.47 PM.png
Navid Kagalwalla

I am an MS in Information Technology - Privacy Engineering (MSIT - PE) student in the School of Computer Science at Carnegie Mellon University. Previously, I have worked at Deloitte as a Cyber and Strategic Risk intern where I performed web application penetration testing, digital forensic readiness assessments, source code reviews and secure configuration assessments.  

I have reported critical vulnerabilities in Pfizer, Proctor & Gamble, Audi and many more.  I have 7 CVE IDs issued to me for finding vulnerabilities in content and booking management systems. For more details please see my write-ups.

My research interests span security, privacy and blockchain. For more details please see my publications.


  • June 2022: Attended PEPR 2022

  • May 2022: Started my internship as a Privacy Research intern at Skyflow

  • Feb 2022: Attended ETHDenver 2022 

  • Nov 2021: Delivered a talk on the podcast 'Blockchain Won't Save the World' hosted by Anthony Day

  • Sept 2021: Issued 7 CVE IDs for vulnerabilities reported in content and booking management systems

  • Aug 2021: Started my Masters at Carnegie Mellon

  • May 2021: I got accepted into Carnegie Mellon, Georgia Tech and Johns Hopkins for my Masters

Photo Credits: @sohotography