Swapneil Kumar Dash

Software Engineer

Bengaluru, Karnataka, India · 11 yrs 6 mos experience
Most Likely To Switch

Key Highlights

  • Led application security initiatives at Paytm.
  • Developed security training programs for developers.
  • Contributed to open-source security projects.
Stackforce AI infers this person is a Cybersecurity Specialist with expertise in Application Security and Vulnerability Management.

Skills

Core Skills

Application Security, CICD Security, Vulnerability Management, Threat Modeling

Other Skills

AWS Security, Android, Angry IP Scanner, Application Security Architecture, Application Security Assessments, Burp Suite, C, C++, CEH, CLOUDFUZZ, Communication, Ethical Hacking, HTML, Java, JavaScript

About

  • Specialised in web, mobile, API and network penetration testing. I also have knowledge on performing threat modelling of applications and architecture reviews. I am active in bug hunting and have been awarded with hall of fame and bounty from various organisations. I also actively participate in CTF challenges to upscale my skill sets.
  • In my current role, I manage the application security vertical at Paytm and handle a team of 10+ members and work on setting up the DAST and SAST process in place across all the verticals.
  • I also work towards evangelization of security to fellow developers and devops through flyers and security trainings on code reviews and security guidelines that need to be followed.
  • I also work towards introduction of the Secure SDLC workflow across verticals at Paytm by hooking in mandatory design and architecture reviews and change management involving DAST and SAST activities before any go lives.
  • I have also contributed to vulnhub by development of a box named Amaze. https://www.vulnhub.com/entry/amaze-1,573/
  • I also work towards improving the CICD pipeline by introduction of security tools at every stage and defining process around the same, e.g. introducing SAST scans in block mode at PR requests for source code repos, OSS scans, image registry scanning, Vulnerability Management etc.

In my free time I like to do blogging and below are links to some of my blogs:

  • https://medium.com/@swapneildash/deep-dive-into-net-viewstate-deserialization-and-its-exploitation-54bf5b788817
  • https://medium.com/@swapneildash/understanding-insecure-implementation-of-jackson-deserialization-7b3d409d2038
  • https://medium.com/@swapneildash/understanding-java-de-serialization-ee96054da15d
  • https://medium.com/@swapneildash/snakeyaml-deserilization-exploited-b4a2c5ac0858
  • https://swapneildash.medium.com/installing-kubernetes-the-hard-way-a97457793122
  • https://swapneildash.medium.com/introduction-to-kubernetes-43d0a2febbc0

Experience

Falconx

Application Security Engineer

Aug 2023 - Present · 2 yrs 7 mos · Bangalore Urban, Karnataka, India · Hybrid

  • Responsible for application security, CICD security, Kubernetes security, Vulnerability management and secure delivery of new features in production.
CICD Security, Application Security, Static Analysis, K8s Security, Application Security Architecture, Security Architecture Design, +5

Paytm

Principal Security Engineer

Nov 2021 - Sep 2023 · 1 yr 10 mos · Bengaluru, Karnataka, India

  • Handling a team of 10+ members in developing the application security program.
  • Working on the vulnerability management, source code review, security of devops pipeline, architecture reviews and design reviews
Application Security, Static Analysis, appsec, Vulnerability Management, Secure Code Review, Product Security, +5

Flipkart

Cyber Security Analyst

Nov 2019 - Dec 2021 · 2 yrs 1 mo · Embassy Tech Village

  • At Flipkart I perform appsec evaluation of web and mobile applications. I also perform architecture reviews and threat modelling for any new internet facing assets as well as feature releases. As part of appsec we develop CTF challenges to train our developers on cybersecurity issues and their mitigations and secure coding practices. We also send out newsletters with latest cybersecurity issues to educate the developers. I also perform automation using Python as and when required to remove redundancy at work.
Static Analysis, Threat Modeling, Communication, Security Controls, Application Security

Synack red team

Member of Synack Red Team

Jul 2019 - Present · 6 yrs 8 mos

Optiv inc

Security Consultant

Nov 2018 - Nov 2019 · 1 yr · Bengaluru, Karnataka, India

  • As part of Optiv security I perform consultation for web, mobile and network security reviews which involves internal (Active Directory) and external penetration testing and providing detailed reports to the clients against each of the identified issues.
Communication

Pwc india

Consultant

May 2017 - Oct 2018 · 1 yr 5 mos · Bengaluru, Karnataka, India

  • As part of PWC, I perform consultation for web, mobile and network security reviews which involves internal (Active Directory) and external penetration testing and providing detailed reports to the clients against each of the identified issues.
Communication

Infosys pvt limited

2 roles

Senior Systems Engineer

Promoted

Jun 2016 - May 2017 · 11 mos

  • I work in the security team of Infosys under android application security. It deals with pen testing and secure code analysis of the applications and generating of reports based on this information. I also have knowledge on web application penetration testing and I have got EC Council CEHv7 certification.
  • I actively participate in the open and private bug bounty programs and have been rewarded with bounty, swag and Hall of Fame.
Communication

System Engineer

Aug 2014 - Jun 2016 · 1 yr 10 mos

Communication

Education

Indira Gandhi Institute of Technology (IGIT), Sarang

B-Tech — Electrical Engineering Technologies/Technicians

Jan 2010 - Jan 2014

MGM English School, Rourkela
