Abhishek J M

CTO

Mysore, Karnataka, India11 yrs 9 mos experience
Most Likely To SwitchAI ML Practitioner

Key Highlights

  • Led mobile security for high-impact products at CRED.
  • Presented at major conferences including BlackHat and OWASP.
  • Developed in-house automation tools for security.
Stackforce AI infers this person is a Mobile Security Expert in the Fintech industry.

Contact

LinkedIn

Skills

Core Skills

Mobile Application SecuritySecurity AutomationSecurity ReviewSecurity Training

Other Skills

AI in securityAndroid securityAndroid security scannerAutomation toolsC (Programming Language)Course material developmentCross-team collaborationJavaMobile application security reviewMobile securityOpen Source EvangelismPython (Programming Language)Reverse EngineeringSecurity EvangelismTeam Management

About

Abhishek leads mobile security for CRED. With over 5 years of experience in product security, he leads two projects - Adhrit and EVABS and has presented his work at prominent conferences like BlackHat US 2022, BlackHat Europe 2021, OWASP Seasides 2019, ThreatCon 2019 and BlackHat Asia 2020 where his tool - Adhrit was covered by The Daily Swig by PortSwigger. He has also delivered talks at community meetups like ThreatCon, Cysinfo & bi0s Meetup and was an assisting trainer at the International Summer School for Information Security and Protection, 2016. He used to play CTFs with Team bi0s - one of India's top CTF teams. Currently, his work revolves around researching and solving for industry-wide nuanced problem statements in mobile security, alongside leading a team of passionate mobile security engineers. He is also a trainer at 7ASecurity and has conducted training at notable conferences like OWASP AppSec New Zealand 2023 & 2021, 44Con 2021, Nullcon 2023, ThreatCon 2023 & 2021, c0c0n 2019 and Shu-ha-ri Labs 2020.

Experience

Cred

4 roles

Head of Mobile Security

Promoted

Oct 2022Present · 3 yrs 5 mos

  • AI in security - adoption, experimentation and development of LLM-based tools
  • Conceptualised & built 3+ in-house automation tools
  • Spearheading and driving mobile security for high-impact, 'mobile-heavy' products
  • Researching and implementing industry-first security controls for nuanced problem statements in mobile application security
  • Leading an erudite team of passionate mobile security engineers
AI in securityAutomation toolsMobile securityMobile Application SecuritySecurity Automation

Senior Security Engineer

Oct 2021Nov 2022 · 1 yr 1 mo

  • Constantly evolving and maturing the mobile security controls and processes to meet regulatory standards for financial products
  • Researching and solving for industry-wide complex problem statements
Security AutomationReverse EngineeringTeam ManagementSecurity ReviewMobile Application Security

Security Engineer

Promoted

Mar 2020Dec 2021 · 1 yr 9 mos

  • Built CRED's in-house Android security scanner, applying Ghera benchmarks over bytecode.
  • The tool has been presented at Blackhat Asia Arsenal 2020 & Blackhat Europe Arsenal 2021
  • Established and streamlined the mobile application security review process
  • Actively involved with cross-teams and stakeholders in understanding the requirements and recommending security best practices at the every level of SDLC.
Android security scannerMobile application security reviewCross-team collaborationMobile Application SecuritySecurity Review

Security Engineering

Sep 2019Feb 2020 · 5 mos

7asecurity

Security Researcher & Trainer

Aug 2019Present · 6 yrs 7 mos · Poland

  • Responsible for researching & developing course materials for an extensively hands-on mobile security course and conducting trainings at various international conferences. Trained so far at:
  • CodeBlue Japan, 2024
  • Nullcon, 2023
  • ThreatCon 2023, Kathmandu
  • OWASP AppSec NZ, 2023
  • 44Con International Conference, UK, 2022
  • c0c0n, 2022
  • OWASP AppSec New Zealand, 2021
  • 44Con International Conference, UK, 2020
  • ThreatCon 2021
  • Shuhari Labs International Conference, 2020
  • c0c0n International Conference, 2019
Course material developmentTrainingSecurity Training

Cysinfo cybersecurity community

Member

Jan 2016Present · 10 yrs 2 mos · Bengaluru, Karnataka, India

Team bi0s

Mobile Security Enthusiast

Jun 2014Present · 11 yrs 9 mos

Reverse Engineering

Education

Amrita University, Amritapuri

Bachelor of Computer Applications

Jan 2014Jan 2017

Amrita vidyalayam, Mysuru

12 — Computer Science

Jan 2002Jan 2013

Stackforce found 100+ more professionals with Mobile Application Security & Security Automation

Explore similar profiles based on matching skills and experience

MK

Munish Kharb

Lead Security Engineer

at Connect and Heal - CNH Care

Bengaluru, India5 yrs 10 mos exp
API SecurityCloud SecurityPenetration TestingProduct SecuritySecurity Implementation
Shetu Shrey, CISSP

Shetu Shrey, CISSP

Security Lead

at Victoria’s Secret & Co.

Bengaluru, India12 yrs 6 mos exp
Application SecurityDevSecOpsPenetration TestingSecurity ArchitectureVulnerability Assessment
Akshansh Jaiswal

Akshansh Jaiswal

Lead Security Engineer

at CRED

Bangalore Urban, India0 mo exp
Application SecurityBug BountyCloud SecurityCommunity BuildingDevSecOps
Pradeep Bhat

Pradeep Bhat

Senior Engineering Manager - Security

at Groww

Bengaluru, India11 yrs 6 mos exp
Cyber DefenseData SecurityPenetration TestingSecure SDLCSecurity Management
NS

Naina Sharma

Accumulated Expertise

at Career-Wide Experience

India0 mo exp
Application SecuritySecurity Engineering
mukund shrimali

mukund shrimali

Manager- Information Security

at Myntra

Bengaluru, India12 yrs 9 mos exp
Information SecurityWeb Application Security
Aswani Raveendran

Aswani Raveendran

Application Security Specialist

at Carlsberg Group

Birmingham, United Kingdom9 yrs 11 mos exp
Application Security AssessmentPenetration Testing
Sayed Abdelhafiz

Sayed Abdelhafiz

Senior Penetration Tester at EG-CERT

at National Telecommunications Regulatory Authority (NTRA) of Egypt

Cairo, Egypt5 yrs 10 mos exp
CybersecurityPenetration Testing