Skills & Expertise

Technical Arsenal

A curated stack of methodologies and tooling developed over 6.5+ years of applied Application Security work.

Application Security

  • Threat Modeling (STRIDE)
  • Secure Code Review
  • API Security Testing
  • SAST / DAST
  • Vulnerability Management & Triage
  • Web / Mobile Penetration Testing
  • Thick Client Pentesting

DevSecOps

  • CI/CD Security Integration
  • Software Composition Analysis (SCA)
  • Secrets Scanning
  • Container Security
  • Infrastructure as Code Security

Cloud Security

  • AWS Security Specialty
  • IAM & Privilege Management
  • Cloud-native Security Controls
  • Network Security Architecture

Programming

  • PythonAdvanced
  • JavaScript / TypeScriptProficient
  • Bash / Shell ScriptingAdvanced
  • GoIntermediate

Tools & Platforms

Burp Suite ProOWASP ZAPSemgrepSonarQubeCheckmarxBlackDuckHub (SCA)GitHub Advanced SecurityQualysNmapTrivyNucleiAWS Security Hub

© 2026 Anilkumar · Senior AppSec Engineer