Zak Fedotkin

Researcher

United Kingdom13 yrs 8 mos experience

Key Highlights

Expert in application security and vulnerability discovery.
Proficient in secure coding practices across multiple languages.
Experienced in building security processes in agile environments.

Stackforce AI infers this person is a seasoned application security specialist with a focus on secure software development.

Contact

Skills

Core Skills

Secure Coding

Other Skills

Android DevelopmentiOS developmentObjective-CJavaCryptographySecure Code ReviewPenetration TestingSecurity Research

About

I’am an application security specialist. Code review is my passion. I have discovered number of vulnerabilities at open source applications: data processing libraries, http clients, 3-rd party extensions primarily written on Java, C++, PHP programming languages.

Experience

13 yrs 8 mos

Total Experience

2 yrs 6 mos

Average Tenure

2 yrs 1 mo

Current Experience

Portswigger

Researcher

Mar 2024 – Present · 2 yrs 1 mo · Knutsford, England, United Kingdom · On-site

Pushing the boundaries of web security

Ataccama

Security Engineer

Aug 2022 – Sep 2023 · 1 yr 1 mo · Prague, Czechia · On-site

Secure software development lifecycle process building from scratch. Security trainings from OWASP top 10 to specific product common security vulnerabilities. Security review process integration into agile development. Security and privacy recommendations development. Static code analysis tools integration at CI/CD.

Secure Coding

Citrix

Principal Security Engineer

Jul 2021 – Jul 2022 · 1 yr · Prague, Czechia

Secure software development lifecycle

Wrike

Security Senior Specialist

Nov 2015 – Jul 2022 · 6 yrs 8 mos · Prague, Czech Republic

Application security engineer and security researcher. Uncover potential vulnerabilities resulting from system configuration faults, coding errors, deployment weaknesses or usage of know vulnerable components. Conduct employee security awareness training. Helping employees understand proper cyber hygiene, the security risks associated with their actions and to identify cyber attacks they may encounter via email and the web. Performing static and dynamic analysis security testing. Management the security risk of using third-party components.

Informzaschita

2 roles

Head of Security Analysis

Promoted

Mar 2014 – Oct 2015 · 1 yr 7 mos

Technical support and management of a team of ethical hackers. Coordinate a team to execute their tasks and common goals. Ensure employees feel good about where they work, as it can have a positive impact on the business’s success.

Security Team Lead

Mar 2013 – Mar 2014 · 1 yr

Technical support and management of a team of ethical hackers.
Security assessment of Internet-facing systems to determine if there are exploitable vulnerabilities that expose data or unauthorized access to the outside world.
Manual and automated review of an application's source code in an attempt to identify security-related weaknesses (flaws) in the code.

Jsc echelon

Security Engineer

Dec 2011 – Mar 2013 · 1 yr 3 mos · Moscow

Independent review and examination of a software and activities to determine the adequacy of security controls, ensure compliance with Russian legislation, detect breaches in security services, and recommend any changes that are indicated for countermeasures.
Manual and automated review of an application's source code in an attempt to identify security-related weaknesses (flaws) in the code.