I am working as an Application Security Engineer at AppDirect, a leading end-to-end commerce platform that helps deliver any digital service, on any device, and accelerate time to market.
At AppDirect, I am responsible for Security Engineering, Pentesting and Code Reviews for AppDirect products.
Prior to AppDirect, I was working as an Application Security Analyst at Qualys, a leading provider of information security and compliance cloud solutions. My role was to make sure the Qualys’ products and services are secure, safe and free from commonly seen client/server side vulnerabilities.
Prior to Qualys, I was working with SecureLayer7 Technologies, a consulting firm, doing vulnerability assessment and penetration testing.
Apart from work related activities, I sometimes play ctfs on hackthebox & lab.pentestit.ru and have contributed to open source security & DevSecOps Newsletter. I am an active participant at Null,OWASP chapter meets and was also a part of the review team for the Free Docker Security Course.
You can read about my work and learnings on my blog here.
I have some hands-on experience on tools like Burpsuite, Nmap, Sonarqube, Dependency-Check, Dependency-Track, Nessus, WhiteHat Sentinel, Docker, Kubernetes, Maven, Gradle, Jenkins, Git.
Attributed with CVE-2017-14618, CVE-2017-14619, CVE-2017-15284, CVE-2017-15878, CVE-2017-15879, CVE-2017-16807, CVE-2017-18048, CVE-2017-18049, CVE-2019-6804 & CVE-2019-10349.
I am interested in learning various aspects of Application & Software Security, Security Automation and DevSecOps, Fuzzing and Exploit Development, and I intend to keep the list going on…