Career Launch Series: From SOCAP to Security Engineering

Meet Sanaan Wani, an accomplished student, now a cybersecurity professional at Amazon

For recent USF graduate Sanaan Wani, cybersecurity has never been just a career path; it has been a challenge worth pursuing.

After years of competing, researching, building tools, and securing systems, Wani is now taking the next step in his professional journey. This summer, he will relocate to Dallas, Texas, to begin a full-time role as a security engineer with Amazon. Before graduation, however, he added another impressive accomplishment to an already distinguished résumé: the discovery and responsible disclosure of a software vulnerability that earned an official Common Vulnerabilities and Exposures (CVE) designation.

His journey reflects the hands-on learning, mentorship, and real-world experience that define Cyber Florida’s Security Operations Center Analyst Program (SOCAP).

Finding his place in cybersecurity

Wani graduated from USF in May with a degree in computer science, but his interest in cybersecurity began outside the classroom.

Toward the end of his freshman year, he started attending meetings hosted by USF’s cybersecurity student organizations and quickly discovered that protecting systems was more compelling to him than simply building software.

“I realized I found securing systems much more interesting than just building software,” Wani said.

That curiosity led him to become involved with CyberHerd, USF’s nationally recognized cybersecurity competition team, where he eventually served as blue team captain. Through competitions, training opportunities, and mentorship from coaches and faculty advisors, Wani developed both technical skills and a passion for solving difficult security challenges.

His path to joining the SOCAP began through Cyber Florida’s NIST-funded Industrial Control Systems (ICS) training program, where he learned from Cyber Florida faculty and staff and completed a SANS certification funded through the program. After successfully earning the certification, he applied to SOCAP and officially joined the team in August 2025.

Building skills through real-world security operations

As a SOCAP analyst, Wani worked alongside other students to help monitor and secure networks, investigate security incidents, and support clients across Florida.

His responsibilities ranged from incident response and threat analysis to developing operational improvements for the security operations center itself. One project involved collaborating with fellow SOCAP students to develop a SOC console designed to streamline ticket processing and accelerate response times.

“We do a bit of everything,” Wani said. “From weekly incident responses to writing threat advisories.”

The experience gave him exposure to the realities of cybersecurity operations while also allowing him to pursue emerging areas of research that interested him.

Discovering a vulnerability through AI-assisted research

Outside of his operational work, Wani has spent significant time exploring the intersection of artificial intelligence and cybersecurity. Inspired and encouraged by his CyberHerd teammate, Yeran Gamage, he began building his own autonomous tools to identify security weaknesses in open-source software projects.

“Seeing his success with finding vulnerabilities really inspired me,” Wani said. “He encouraged me to start looking into securing open-source software, which is what originally got me started in vulnerability research.”

Because open-source software powers much of today’s technology ecosystem, Wani saw vulnerability research as an opportunity to strengthen tools used by organizations around the world.

His AI-powered systems scan software repositories for potential security flaws. Once a possible issue is identified, he manually investigates the findings, validates the results, and determines whether the vulnerability could have broader security implications.

That process recently led to the discovery of CVE-2026-45675, a vulnerability in Open WebUI.

The flaw involved a race condition in the platform’s authentication process. During an initial deployment, the first user to log in is intended to become the system administrator. Because of the vulnerability, however, multiple users logging in simultaneously could potentially receive full administrator privileges.

In practical terms, that could allow an unauthorized individual to gain complete administrative control over the platform and its data.

Responsible disclosure in action

After identifying and validating the vulnerability, Wani followed the industry’s responsible disclosure process.

Because Open WebUI accepts vulnerability reports through GitHub, he submitted his findings directly to the project’s maintainers. The development team reviewed the report, verified the issue, implemented a fix, and ultimately assigned an official CVE identifier.

For Wani, the milestone was meaningful not simply because of the CVE designation itself, but because it validated the effectiveness of the research methodology he had been developing.

“I’ve been using my AI tooling to find and submit vulnerabilities for a while now,” he said. “Having this one fully verified, patched, and assigned a CVE was a nice nod that the methodology works.”

The accomplishment may be his first officially assigned CVE, but it is unlikely to be his last. He currently has additional vulnerability reports under review and remediation.

The power of mentorship

Wani credits much of his success to the mentors and teammates who encouraged him to pursue ambitious goals.

Within SOCAP, he found a culture that supported innovation and exploration. He points to Duy Dao, assistant security operations center manager, as a major influence on his interest in AI-driven security research.

“Duy encouraged us to consider new research and tools in the AI space,” Wani said. “He didn’t just talk about concepts; he built things and showed them to us.”

He also credits SOCAP Program Manager Ryan Irving for creating an environment where student accomplishments are recognized and celebrated.

“There was a point where I worried I wasn’t completing enough tickets because I was spending so much time focused on AI vulnerability research,” Wani said. “Ryan and Duy were incredibly supportive. They encouraged me to keep going and fully supported my work.”

That encouragement helped him continue pursuing research that ultimately resulted in a verified vulnerability disclosure and CVE assignment.

Looking ahead

With graduation complete, Wani is preparing for his next chapter as a security engineer at Amazon. Having previously interned with the company’s red team, he is eager to return and continue building his career in cybersecurity.

Beyond his professional goals, he hopes to make cybersecurity and artificial intelligence more accessible to broader audiences. One of his long-term aspirations is to create educational content that helps people better understand complex technical concepts.

“Breaking down complex technical concepts into ideas that are accessible and engaging for everyone is a fun challenge,” he said. “I think bridging that knowledge gap is incredibly important.”

Outside of cybersecurity, Wani channels his competitive nature into soccer and competitive gaming, particularly Counter-Strike 2 and Valorant.

Whether on the field, in competition, or researching the next vulnerability, he is constantly looking for opportunities to learn, improve, and push himself further. As he begins his professional career, his accomplishments already demonstrate what can happen when technical talent, curiosity, mentorship, and hands-on experience come together.