About
I am a pragmatic security leader, currently works on product security, and cloud native security areas. I have created multiple OSS projects including Kubernetes Goat, Hacker Container, tldr.run, etc. I frequently speak & train at events and conferences like DEFCON, Black Hat, SANS, USENIX, OWASP, Nullcon, All Day DevOps, DevSecCon, null, and many others around the globe. My research has found 200+ vulnerabilities in products, and organizations including Google, Microsoft, AT&T, NTOP, Adobe, WordPress, Gitlab, etc. Published author of Security Automation with Ansible2, also a technical reviewer for books, conferences, etc. I contribute to communities like All Day DevOps, null, AWS, OWASP, etc. I also advise startups on building great products, communities, and adding value.
Badges
Maker History
- SafeDep vetIdentify Open Source RisksMar 2023
- Kubernetes GoatInteractive Kubernetes Security Learning Playground 🚀Apr 2022