24 years of breaking things
so you can build with confidence.

I started in security in 2002. Back then it was writing web apps, then securing them. Then IDS signatures at Xalted Networks. Then system administration at CDAC. Each role taught me what actually breaks in production — not theory, but the real failures that cost companies time and money.

In 2008 I founded The App Sec Lab. In 2009 I co-founded null — India's open security community. We grew it across 6 cities over 11 years. Thousands of security professionals learned, shared, and leveled up through null meetups and workshops.

In 2015 I co-founded Appsecco — product security testing for teams that ship. We test apps, APIs, cloud infrastructure, and AI integrations. No compliance theater — just real findings your engineering team can act on. Today we're also training pentesters to become AI red teamers.

In 2020 I founded Kloudle because dev teams without dedicated security were struggling with cloud misconfigurations. Now Kloudle is evolving into the security layer for AI agent infrastructure — because when your agents have access to production systems, the stakes are different.

I wrote two books published by Packt. Burp Suite Essentials was recommended by PortSwigger themselves. I ship 26 active projects across agentic security, developer tools, and education. I write two newsletters on cloud security and AI agent security.

The through-line: real-world security for builders who value outcomes over compliance checklists.