Anirudh Anand

CTO

Bengaluru, Karnataka, India9 yrs 6 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Led the growth of CRED's Product Security team.
  • Developed security training courses with 7ASecurity.
  • Spearheaded top-ranked CTF team in India.
Stackforce AI infers this person is a Product Security Leader in the SaaS industry with expertise in vulnerability management and security automation.

Contact

anirudhanand722@gmail.comLinkedIn

Skills

Core Skills

Penetration TestingSecurityWeb Application Security

Other Skills

CSSCode reviewsComputer SecurityDockerExploiting security flawsHTMLInformation SecurityJavaScriptMySQLNetworkingNode.jsOpen SourcePythonRuby on RailsSecurity Automation

About

Been with CRED since the early days, I was one of the founding members of CRED's Security Team, and have been leading the Product Security team for the past 5+ years. Under my leadership, the team has grown to over 20+ members, and we have built one of the best Product Security teams in India. Starting with Product Security, today we have expanded the team to cover several different security verticals like DevSecOps, Security Engineering, Mobile Security and Vulnerability Management. I am an Engineer by heart with a passion for understanding complex microservice architectures, diving deep into their attack surface, uncovering architectural flaws and Vulnerabilities. This has helped me in designing robust security roadmaps and driving them across the organisation both from a Product Security & Engineering as well as a leadership standpoint. I bring my team together to build AOP (Annual Operating Plan) & OKR's (Objectives and Key Results) to ensure security is clearly thought through, objectives are well defined and organisation/team members has full clarity and visibility into the function. I am also a strong believer of scalability through automation particularly in relation to the identification and mitigation of security vulnerabilities & risks ingrained within engineering workflows through DevSecOps and CI/CD. I am passionate about building and conducting security trainings, and I have partnered with 7ASecurity to create a variety of courses including: 1. Attacking Modern Web Apps: Mastering the future of Attack vectors 2. Hacking Android, iOS and iOT apps by example Few more courses are in progress and will be released in the coming months. I was invited to present the above courses in several international conferences: 1. Nullcon Berlin 2023: https://t.ly/bf8IN 3. Troopers Germany 2022: https://t.ly/uO0-d 4. 44con London 2022: https://t.ly/r6MMw 5. DeepSec Vienna 2022: https://deepsec.net/archive/2022.deepsec.net/speaker.html#WSLOT560 6. Hackfest Canada 2021: https://t.ly/wX13Q 7. OWASP Global Appsec NZ, Appsec US, Appsec EU (2023, 2022, 2021) Prior to joining CRED, I was working as a Senior Security Engineer at Flipkart and prior to that, I was one of the founding members of the the Web Security team at Team bi0s, a CTF team from Amrita University. I had the privilege of spearheading team expansion, recruitment, and training efforts, leading to its remarkable success over the past 11 years. According to CTFtime rankings (https://ctftime.org/stats/2023/IN), the team has consistently held the top position (rank #1) among CTF teams in India.

Experience

Cred

4 roles

Head of Product Security

Promoted

Apr 2023Present · 2 yrs 11 mos

Engineering Leader - Product Security

Promoted

Oct 2021Oct 2023 · 2 yrs

Lead Security Engineer

Promoted

Oct 2020Oct 2021 · 1 yr

Senior Security Engineer

Jun 2019Oct 2020 · 1 yr 4 mos

7asecurity

Security Trainer

Aug 2019Present · 6 yrs 7 mos

Flipkart

2 roles

Security Analyst 2

Promoted

Apr 2019Jun 2019 · 2 mos

  • Primary Responsibilities:
  • 1. Exploiting security flaws and vulnerabilities on multiple FK application platforms like Web, Android and iOS.
  • 2. Work effectively with the engineering teams to provide:
  • Technical risk assessments
  • Threat modelling
  • PRD reviews
  • Code reviews
  • 3. Conduct Black/White box penetration tests along with technical reports which include suggested resolution for identified vulnerabilities.
  • 4. Security Evangelization - Promoting security awareness throughout the organisation by conducting CTFs and developer training sessions.
  • 5. Security Automation - Developing Automated security solutions to aid effective security testing.
Exploiting security flawsTechnical risk assessmentsThreat modellingCode reviewsSecurity EvangelizationSecurity Automation+2

Security Analyst 1

Jul 2017Mar 2019 · 1 yr 8 mos

Google

Developer - Google Summer Of Code 2016

Apr 2016Sep 2016 · 5 mos · OWASP

  • The project will implement the following features:
  • 1) Extended language support for container Engine: The current version of container engine can handle only PHP based challenges. With this project the container engine will be extending support to add challenges based on:
  • > Node.js
  • > Ruby on Rails
  • 2) OWASP Top 10 challenges on other platforms: After adding the support for Node.js and Ruby on Rails, new challenges will be added to container engine which covers OWASP top 10 attacks on both scripting languages along with PHP.
  • 3) Extending the ability to upload custom containers: The ability to upload custom containers to hackademic by challenge authors will be introduced to hackademic so that authors can have a flexible solution to create awesome challenges.

Owasp foundation

Developer - OWASP Summer Code Sprint

Jul 2015Sep 2015 · 2 mos · OWASP

  • Project: Creating Web sandboxes for secure Challenge Isolation using Docker

Amrita university

InCTF 2015 - Admin/Challange Setter

Feb 2015Jul 2015 · 5 mos · Amrita Vishwa Vidyapeetham, Amritapuri

  • InCTF is a Capture the Flag style computer security competition, a strategic war-game designed to mimic the real world security challenges.

Google

Developer - Google Summer of Code 2014

May 2014Aug 2014 · 3 mos · OWASP

  • Organization: OWASP OWTF
  • Project: Flexible Plugin Mapping, Reporting Template Engine and Passive Online Scanner

Team bi0s

Leading Web CTF Team

Jun 2013Jun 2019 · 6 yrs · Kerala, India

  • Mentoring and leading Web Security at Team bi0s (#1 CTF team in India - https://ctftime.org/stats/2020/IN)

Education

Amrita School of Engineering, Amritapuri

Bachelor’s Degree — Computer Science

Jan 2012Jan 2016

Stackforce found 100+ more professionals with Penetration Testing & Security

Explore similar profiles based on matching skills and experience

HK

Himanshu Khokhar Jaat

Independent Consultant

at Freelance

Delhi, India7 yrs 7 mos exp
Akash Singh

Akash Singh

Security Consultant

at Emirates NBD

Dubai, United Arab Emirates3 yrs 8 mos exp
Information Security
Aradhna Bhatia

Aradhna Bhatia

Senior Security Engineer

at Guidewire Software

Bengaluru, India8 yrs 7 mos exp
ComplianceInformation SecuritySoftware DevelopmentWeb Development
Manoj kumar M

Manoj kumar M

Assistant Manager Cyber Security

at BNP Paribas

Coimbatore, India9 yrs 7 mos exp
Gopalakrishna P.

Gopalakrishna P.

Associate Consultant

at HCLTech

Bengaluru, India8 yrs 2 mos exp
Application SecurityPenetration TestingVulnerability Management
Ashish Kumar Dora

Ashish Kumar Dora

Associate Business Analyst

at Infosys

Hyderabad, India6 yrs 2 mos exp
Shetu Shrey, CISSP

Shetu Shrey, CISSP

Security Lead

at Victoria’s Secret & Co.

Bengaluru, India12 yrs 6 mos exp
Application SecurityDevSecOpsPenetration TestingSecurity ArchitectureVulnerability Assessment
Mayur Chaudhari

Mayur Chaudhari

Cyber Security Engineer

at Infosys

Pune, India3 yrs 1 mo exp
Penetration TestingVulnerability Assessment