I am an Application Security Enthusiast with over 8 years of experience in the security industry. In the past, I have worked as a security consultant at a boutique firm, SecureLayer7, performing web application pentests for various clients with different stacks and technologies.
I then transitioned to securing products in product-based enterprise companies such as Qualys and AppDirect. Since October 2021, I have been working at TIAA as a Senior DevSecOps Engineer in the Application Security team.
At the core, I love building appsec programs from scratch, tackling challenging and interesting security engineering problems, focusing on developer education and advocacy, innovating with the latest technologies, exploring greenfield areas, and constantly pushing myself to learn something new daily.
You can find some of my open-source security contributions on my ExploitDB profile. You can catch me discussing appsec topics on Twitter. And for everything professional, you can connect with me on LinkedIn.
I have also conducted a workshop at InfoSecGirls and spoken at security meetups such as null Pune, The Hackers Meetup, and Garage4Hackers.
Additionally, I have contributed to the DevSecOps Newsletter and the Free Docker Security Course.
If you like what you see here and would like to connect or simply chat, feel free to drop me a note on Twitter or LinkedIn.